mandiant · emtuls · Oct 23, 2024 · Oct 16, 2024 · Oct 16, 2024 · Oct 16, 2024
diff --git a/packages/010editor.vm/010editor.vm.nuspec b/packages/010editor.vm/010editor.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
   <metadata>
     <id>010editor.vm</id>
-    <version>15.0</version>
+    <version>15.0.1</version>
     <description>Professional text and hex editor with Binary Templates technology.</description>
     <authors>SweetScape</authors>
     <dependencies>

diff --git a/packages/010editor.vm/tools/chocolateyinstall.ps1 b/packages/010editor.vm/tools/chocolateyinstall.ps1
@@ -5,10 +5,10 @@ try {
   $toolName = '010Editor'
   $category = 'Hex Editors'
 
-  $url   = 'https://download.sweetscape.com/010EditorWin32Installer15.0.exe'
-  $checksum = '20bb9534385c09e962da5f8653e6121368b1a330b1cd5e135d4afe39eab714eb'
-  $url64 = 'https://download.sweetscape.com/010EditorWin64Installer15.0.exe'
-  $checksum64 = 'a39860c150cc65399379a9072220eed0870b6a753a4fbaafd6c0741291a6490b'
+  $url   = 'https://download.sweetscape.com/010EditorWin32Installer15.0.1.exe'
+  $checksum = '4bb1d184863ccbd693158da763968f79a5b774bd7304c31884e93a93282c237e'
+  $url64 = 'https://download.sweetscape.com/010EditorWin64Installer15.0.1.exe'
+  $checksum64 = 'dafa378f64781f3faaa28c0a01805536c1023cb118927e6c2457797376428d91'
 
   $packageArgs = @{
     packageName   = ${Env:ChocolateyPackageName}

diff --git a/packages/capa.vm/capa.vm.nuspec b/packages/capa.vm/capa.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>capa.vm</id>
-    <version>7.3.0</version>
+    <version>7.4.0</version>
     <description>capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do.</description>
     <authors>@williballenthin, @mr-tz, @Ana06, @mike-hunhoff, @mwilliams31, @MalwareMechanic</authors>
     <dependencies>

diff --git a/packages/capa.vm/tools/chocolateyinstall.ps1 b/packages/capa.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'capa'
 $category = 'Utilities'
 
-$zipUrl = "https://github.com/mandiant/capa/releases/download/v7.3.0/capa-v7.3.0-windows.zip"
-$zipSha256 = "fc37549772c51fc48a0505bd38fff8ba5faaf9be1c9f1f04328641d46aee6163"
+$zipUrl = "https://github.com/mandiant/capa/releases/download/v7.4.0/capa-v7.4.0-windows.zip"
+$zipSha256 = "4ec2f7cd025751ee897e4818cda4ae572969848053b913d4d3e84ed7ac0af040"
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -consoleApp $true -arguments "--help"
diff --git a/packages/exiftool.vm/exiftool.vm.nuspec b/packages/exiftool.vm/exiftool.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>exiftool.vm</id>
-    <version>12.96.0</version>
+    <version>12.98.0</version>
     <authors>Phil Harvey</authors>
     <description>A tool for reeding and writing file metadata</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="exiftool" version="[12.96.0]" />
+      <dependency id="exiftool" version="[12.98.0]" />
     </dependencies>
   </metadata>
 </package>

diff --git a/packages/floss.vm/floss.vm.nuspec b/packages/floss.vm/floss.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
   <metadata>
     <id>floss.vm</id>
-    <version>3.1.0</version>
+    <version>3.1.1</version>
     <description>FLOSS uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. You can use it just like strings.exe to enhance basic static analysis of unknown binaries.</description>
     <authors>@williballenthin, @mr-tz</authors>
     <dependencies>

diff --git a/packages/floss.vm/tools/chocolateyinstall.ps1 b/packages/floss.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'FLOSS'
 $category = 'File Information'
 
-$zipUrl = "https://github.com/mandiant/flare-floss/releases/download/v3.1.0/floss-v3.1.0-windows.zip"
-$zipSha256 = "a2153c4fa542e995b1bb94b9d68e0aa39aa580999d33e84d6942b8296636bad5"
+$zipUrl = "https://github.com/mandiant/flare-floss/releases/download/v3.1.1/floss-v3.1.1-windows.zip"
+$zipSha256 = "6c71089b8c629c69424b042769f1565f71adc6cd24b2f8d3713c96fa7fdac2fb"
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -consoleApp $true -arguments "--help"
diff --git a/packages/gowitness.vm/gowitness.vm.nuspec b/packages/gowitness.vm/gowitness.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>gowitness.vm</id>
-    <version>3.0.3</version>
+    <version>3.0.4</version>
     <authors>sensepost</authors>
     <description>Website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using the command line, with a handy report viewer to process results.</description>
     <dependencies>

diff --git a/packages/gowitness.vm/tools/chocolateyinstall.ps1 b/packages/gowitness.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'GoWitness'
 $category = 'Reconnaissance'
 
-$exeUrl = 'https://github.com/sensepost/gowitness/releases/download/3.0.3/gowitness-3.0.3-windows-amd64.exe'
-$exeSha256 = '047401ecad3cd6c5e3c80e816cb7c5b6e60bc27c142745742761c2cbeebf5bc9'
+$exeUrl = 'https://github.com/sensepost/gowitness/releases/download/3.0.4/gowitness-3.0.4-windows-amd64.exe'
+$exeSha256 = 'f47ca3f6f2f23bb56536150e0f2bed2e5deceda07115d1ef08957b40436ce783'
 
 VM-Install-Single-Exe $toolName $category $exeUrl -exeSha256 $exeSha256 -consoleApp $true
diff --git a/packages/ida.plugin.hashdb.vm/ida.plugin.hashdb.vm.nuspec b/packages/ida.plugin.hashdb.vm/ida.plugin.hashdb.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>ida.plugin.hashdb.vm</id>
-    <version>1.9.1.20240526</version>
+    <version>1.10.0</version>
     <authors>OALabs</authors>
     <description>Malware string hash lookup plugin for IDA Pro</description>
     <dependencies>

diff --git a/packages/ida.plugin.hashdb.vm/tools/chocolateyinstall.ps1 b/packages/ida.plugin.hashdb.vm/tools/chocolateyinstall.ps1
@@ -2,12 +2,12 @@ $ErrorActionPreference = 'Stop'
 Import-Module vm.common -Force -DisableNameChecking
 
 try {
-    # Install requirements: https://github.com/OALabs/hashdb-ida/blob/1.9.1/requirements.txt
+    # Install requirements: https://github.com/OALabs/hashdb-ida/blob/1.10.0/requirements.txt
     VM-Pip-Install requests
 
     $pluginName = 'hashdb.py'
-    $pluginUrl = 'https://github.com/OALabs/hashdb-ida/releases/download/1.9.1/hashdb.py'
-    $pluginSha256 = 'bd2022af77d27fb447adcad71bb9b33a255e59f646ca6961a64c78e26d2c4066'
+    $pluginUrl = 'https://github.com/OALabs/hashdb-ida/releases/download/1.10.0/hashdb.py'
+    $pluginSha256 = '8d153281ce9feccf00eb63c56fe0fbcc9534ce005635a91565c2340fbf5db651'
 
     VM-Install-IDA-Plugin -pluginName $pluginName -pluginUrl $pluginUrl -pluginSha256 $pluginSha256
 } catch {

diff --git a/packages/snaffler.vm/snaffler.vm.nuspec b/packages/snaffler.vm/snaffler.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>snaffler.vm</id>
-    <version>1.0.170</version>
+    <version>1.0.179</version>
     <authors>l0ss, Sh3r4</authors>
     <description>Snaffler is a tool for enumerating accessible SMB shares in an Active Directory environment.</description>
     <dependencies>

diff --git a/packages/snaffler.vm/tools/chocolateyinstall.ps1 b/packages/snaffler.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'Snaffler'
 $category = 'Reconnaissance'
 
-$exeUrl = 'https://github.com/SnaffCon/Snaffler/releases/download/1.0.170/Snaffler.exe'
-$exeSha256 = 'b8a279b6576b3aa7f7ae8e4a44d5ab9b51ffdab7b5409582d7f7cbe02cfb6229'
+$exeUrl = 'https://github.com/SnaffCon/Snaffler/releases/download/1.0.179/Snaffler.exe'
+$exeSha256 = 'e37c93696ca4b0e763fff07431cc7ff6b0e4e03415113ad2faf08bfed0bada39'
 
 VM-Install-Single-Exe $toolName $category $exeUrl -exeSha256 $exeSha256 -consoleApp $true
diff --git a/packages/systeminformer.vm/systeminformer.vm.nuspec b/packages/systeminformer.vm/systeminformer.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>systeminformer.vm</id>
-    <version>3.1.24266</version>
+    <version>3.1.24290</version>
     <authors>winsiderss</authors>
     <description>A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.</description>
     <dependencies>

diff --git a/packages/systeminformer.vm/tools/chocolateyinstall.ps1 b/packages/systeminformer.vm/tools/chocolateyinstall.ps1
@@ -4,8 +4,8 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'SystemInformer'
 $category = 'Utilities'
 
-$zipUrl = 'https://github.com/winsiderss/si-builds/releases/download/3.1.24266/systeminformer-3.1.24266-release-bin.zip'
-$zipSha256 = 'c443e3be5a047b52757b070b89136560c0a038d8acd07adca480d3cf1e572c42'
+$zipUrl = 'https://github.com/winsiderss/si-builds/releases/download/3.1.24290/systeminformer-3.1.24290-release-bin.zip'
+$zipSha256 = '584e320e931dc008f429c6ed22cef5c0d805494fbfddfef81c366622ad410096'
 $executableName = "amd64\$toolName.exe"
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -executableName $executableName -consoleApp $false
diff --git a/packages/tor-browser.vm/tor-browser.vm.nuspec b/packages/tor-browser.vm/tor-browser.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>tor-browser.vm</id>
-    <version>13.5.4</version>
+    <version>13.5.7</version>
     <authors>Tor Project</authors>
     <description>The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="tor-browser" version="[13.5.4]" />
+      <dependency id="tor-browser" version="[13.5.7]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/vscode.vm/vscode.vm.nuspec b/packages/vscode.vm/vscode.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>vscode.vm</id>
-    <version>1.93.1</version>
+    <version>1.94.2</version>
     <authors>Microsoft</authors>
     <description>VSCode is a modern, open-source code editor.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="vscode" version="[1.93.1]" />
+      <dependency id="vscode" version="[1.94.2]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/wireshark.vm/wireshark.vm.nuspec b/packages/wireshark.vm/wireshark.vm.nuspec
@@ -2,13 +2,13 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>wireshark.vm</id>
-    <version>4.4.0</version>
+    <version>4.4.1</version>
     <description>Wireshark lets you capture and interactively browse the traffic running on a computer network.</description>
     <authors>Gerald Combs, Wireshark team</authors>
     <dependencies>
       <dependency id="common.vm" />
       <dependency id="npcap.vm" />
-      <dependency id="wireshark" version="[4.4.0]" />
+      <dependency id="wireshark" version="[4.4.1]" />
     </dependencies>
   </metadata>
 </package>