Merge pull request #952 from reece394/master

Migrate RECmd_Kroll to RECmd_DFIRBatch
EricZimmerman · Jul 20, 2024 · d877355 · d877355
2 parents ff6a3e9 + 6268e1c
commit d877355
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/Modules/Compound/!EZParser.mkape b/Modules/Compound/!EZParser.mkape
@@ -1,7 +1,7 @@
 Description: Eric Zimmerman Parsers
 Category: Modules
 Author: Phill Moore
-Version: 1.4
+Version: 1.5
 Id: f531e7cc-c9f3-4d04-881b-dbc89d1e7f38
 BinaryUrl: https://ericzimmerman.github.io/
 ExportFormat: csv
@@ -43,7 +43,7 @@ Processors:
         CommandLine: ""
         ExportFormat: ""
     -
-        Executable: RECmd_Kroll.mkape
+        Executable: RECmd_DFIRBatch.mkape
         CommandLine: ""
         ExportFormat: ""
     -

diff --git a/Modules/Compound/RECmd_AllBatchFiles.mkape b/Modules/Compound/RECmd_AllBatchFiles.mkape
@@ -1,7 +1,7 @@
 Description: 'RECmd: All RECmd Batch Output'
 Category: Registry
 Author: Andrew Rathbun
-Version: 1.1
+Version: 1.2
 Id: f2c9c95d-375e-4fb7-b069-7e9b95ea6db5
 BinaryUrl: https://f001.backblazeb2.com/file/EricZimmermanTools/RegistryExplorer_RECmd.zip
 ExportFormat: csv
@@ -23,7 +23,7 @@ Processors:
         CommandLine: ""
         ExportFormat: ""
     -
-        Executable: RECmd_Kroll.mkape
+        Executable: RECmd_DFIRBatch.mkape
         CommandLine: ""
         ExportFormat: ""
     -

diff --git a/Modules/EZTools/RECmd/RECmd_Kroll.mkape → Modules/EZTools/RECmd/RECmd_DFIRBatch.mkape b/Modules/EZTools/RECmd/RECmd_Kroll.mkape → Modules/EZTools/RECmd/RECmd_DFIRBatch.mkape
@@ -1,14 +1,14 @@
-Description: 'RECmd: Kroll'
+Description: 'RECmd: DFIR'
 Category: Registry
 Author: Andrew Rathbun
-Version: 1.0
+Version: 1.1
 Id: 26e4a8f6-d745-4195-8b8e-563cf32a4952
 BinaryUrl: https://f001.backblazeb2.com/file/EricZimmermanTools/RECmd.zip
 ExportFormat: csv
 Processors:
     -
         Executable: RECmd\RECmd.exe
-        CommandLine: -d %sourceDirectory% --bn BatchExamples\Kroll_Batch.reb --nl false --csv %destinationDirectory%
+        CommandLine: -d %sourceDirectory% --bn BatchExamples\DFIRBatch.reb --nl false --csv %destinationDirectory%
         ExportFormat: csv
 
 # Documentation
@@ -20,5 +20,5 @@ Processors:
 # https://www.youtube.com/watch?v=tk9XsMHzPlM
 # https://www.youtube.com/watch?v=GhCZfCzn2l0
 # https://leanpub.com/eztoolsmanuals
-# Uses the Kroll batch command file. This file should reside within KAPE\Module\bin\RECmd\BatchExamples.
+# Uses the DFIR batch command file. This file should reside within KAPE\Module\bin\RECmd\BatchExamples.
 # Note: --nl false replays transaction logs. If you don't want to replay transaction logs, change to --nl true.