%global _empty_manifest_terminate_build 0
Name: python-xleapp
Version: 0.2.1
Release: 1
Summary: Multiplaform Logs, Events, And Plists Parser
License: MIT
URL: https://github.com/flamusdiu/xleapp
Source0: https://mirrors.aliyun.com/pypi/web/packages/ff/46/de4bd91e877c654c293db1a0a28defcdd316ebedac4c467b6f916978f5a3/xleapp-0.2.1.tar.gz
BuildArch: noarch
Requires: python3-Jinja2
Requires: python3-PySimpleGUI
Requires: python3-PyYAML
Requires: python3-prettytable
Requires: python3-magic-bin
Requires: python3-simplekml
Requires: python3-wrapt
%description
# xLEAPP
[](https://github.com/psf/black)
**Development build. Please be cauious using on real cases.**
Framework for Logs, Events, And Plists Parser (LEAPP)
This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html)
xLEAPP is the framework created to merge several tools together. More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021.
## Features
* Provides a centralized and modular framework
* Provides a simplified way to write plugins (artifacts) for each different supported platform.
* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed.
## Other Documentation
* [Artifact Creation](docs/current/artifact-creation.md)
## Pre-requisites
This project requires you to have Python >= 3.9
## Plugins
Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out.
- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)]
- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)]
- [ ] xleapp-android
- [ ] xleapp-android-non-free
- [ ] xleapp-chrome
- [ ] xleapp-chrome-non-free
- [ ] xleapp-returns
- [ ] xleapp-returns-non-free
- [ ] xleapp-vehicles
- [ ] xleapp-vehicles-non-free
- [ ] xleapp-windows
- [ ] xleapp-windows-non-free
## Installation
### Windows
* Python
```powershell
PS> py -3 -m pip install xleapp
PS> py -3 -m pip install xleapp-
```
* PIPX
```powershell
PS> py -3 -m pip install pipx
PS> pipx install xleapp
PS> pipx inject xleapp xleapp-
```
### Linux
* Python
```bash
$ python3 -m pip install xleapp
$ python3 -m pip install xleapp-
```
* PIPX
```bash
$ python3 -m pip install pipx
$ pipx install xleapp
$ pipx inject xleapp xleapp-
```
## Installation from Github and Development Information
* [Windows](docs/current/windows.md)
* [Linux](docs/current/linux.md)
## VS Code configuration files
There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code.
## Compile to executable
**NOTE:** This may not work at this time with this alpha version.
To compile to an executable so you can run this on a system without python installed.
To create xleapp.exe, run:
```bash
pyinstaller --onefile xleapp.spec
```
To create xleappGUI.exe, run:
```bash
pyinstaller --onefile --noconsole xleappGUI.spec
```
## Usage
### CLI
```bash
$ xleapp -h
usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH]
[--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version]
xLEAPP: Logs, Events, and Plists Parser.
optional arguments:
-h, --help show this help message and exit
-I parse ios artifacts
-R parse Warrant Returns / User Generated Archives artifacts
-A parse android artifacts
-C parse Chromebook artifacts
-V parse vehicle artifacts
-o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER
Output folder path
-i INPUT_PATH, --input_path INPUT_PATH
Path to input file/folder
--artifact [ARTIFACT ...]
Filtered list of artifacts to run. Allowed: core,
-p, --artifact_paths Text file list of artifact paths
-l, --artifact_table Text file with table of artifacts
--gui Runs xLEAPP into graphical mode
--version show program's version number and exit
```
### GUI
This needs work and may not work properly!
```bash
$ xleapp --gui
```
### Help
```bash
$ xleapp.py --help
```
The GUI will open in another window.
## Acknowledgements
This tool is the result of a collaborative effort of many people in the DFIR community.
This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er).
%package -n python3-xleapp
Summary: Multiplaform Logs, Events, And Plists Parser
Provides: python-xleapp
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pip
%description -n python3-xleapp
# xLEAPP
[](https://github.com/psf/black)
**Development build. Please be cauious using on real cases.**
Framework for Logs, Events, And Plists Parser (LEAPP)
This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html)
xLEAPP is the framework created to merge several tools together. More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021.
## Features
* Provides a centralized and modular framework
* Provides a simplified way to write plugins (artifacts) for each different supported platform.
* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed.
## Other Documentation
* [Artifact Creation](docs/current/artifact-creation.md)
## Pre-requisites
This project requires you to have Python >= 3.9
## Plugins
Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out.
- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)]
- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)]
- [ ] xleapp-android
- [ ] xleapp-android-non-free
- [ ] xleapp-chrome
- [ ] xleapp-chrome-non-free
- [ ] xleapp-returns
- [ ] xleapp-returns-non-free
- [ ] xleapp-vehicles
- [ ] xleapp-vehicles-non-free
- [ ] xleapp-windows
- [ ] xleapp-windows-non-free
## Installation
### Windows
* Python
```powershell
PS> py -3 -m pip install xleapp
PS> py -3 -m pip install xleapp-
```
* PIPX
```powershell
PS> py -3 -m pip install pipx
PS> pipx install xleapp
PS> pipx inject xleapp xleapp-
```
### Linux
* Python
```bash
$ python3 -m pip install xleapp
$ python3 -m pip install xleapp-
```
* PIPX
```bash
$ python3 -m pip install pipx
$ pipx install xleapp
$ pipx inject xleapp xleapp-
```
## Installation from Github and Development Information
* [Windows](docs/current/windows.md)
* [Linux](docs/current/linux.md)
## VS Code configuration files
There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code.
## Compile to executable
**NOTE:** This may not work at this time with this alpha version.
To compile to an executable so you can run this on a system without python installed.
To create xleapp.exe, run:
```bash
pyinstaller --onefile xleapp.spec
```
To create xleappGUI.exe, run:
```bash
pyinstaller --onefile --noconsole xleappGUI.spec
```
## Usage
### CLI
```bash
$ xleapp -h
usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH]
[--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version]
xLEAPP: Logs, Events, and Plists Parser.
optional arguments:
-h, --help show this help message and exit
-I parse ios artifacts
-R parse Warrant Returns / User Generated Archives artifacts
-A parse android artifacts
-C parse Chromebook artifacts
-V parse vehicle artifacts
-o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER
Output folder path
-i INPUT_PATH, --input_path INPUT_PATH
Path to input file/folder
--artifact [ARTIFACT ...]
Filtered list of artifacts to run. Allowed: core,
-p, --artifact_paths Text file list of artifact paths
-l, --artifact_table Text file with table of artifacts
--gui Runs xLEAPP into graphical mode
--version show program's version number and exit
```
### GUI
This needs work and may not work properly!
```bash
$ xleapp --gui
```
### Help
```bash
$ xleapp.py --help
```
The GUI will open in another window.
## Acknowledgements
This tool is the result of a collaborative effort of many people in the DFIR community.
This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er).
%package help
Summary: Development documents and examples for xleapp
Provides: python3-xleapp-doc
%description help
# xLEAPP
[](https://github.com/psf/black)
**Development build. Please be cauious using on real cases.**
Framework for Logs, Events, And Plists Parser (LEAPP)
This framework is a complete rewrite of the excellent tool iLEAPP.Details of iLEAPP can be found in this [blog post](https://abrignoni.blogspot.com/2019/12/xleapp-ios-logs-events-and-properties.html)
xLEAPP is the framework created to merge several tools together. More information about the rewrite is given in by talk ([YouTube](https://www.youtube.com/watch?v=seTpCmSF0Gc)) at Black Hills Info Security's Wild West Hackin' Fest (WWHF): Deadwood in 2021.
## Features
* Provides a centralized and modular framework
* Provides a simplified way to write plugins (artifacts) for each different supported platform.
* Parses iOS, macOS, Android, Chromebook, warranty returns, and Windows artifacts depending on the plugins installed.
## Other Documentation
* [Artifact Creation](docs/current/artifact-creation.md)
## Pre-requisites
This project requires you to have Python >= 3.9
## Plugins
Here is a list of plugins that need to be completed. Plugin package suffixed with "non-free" use licenses that may not conform with MIT licenses and are seperated out.
- [X] xleapp-ios [[Github](https://github.com/flamusdiu/xleapp-ios)] [[PyPI](https://pypi.org/project/xleapp-ios/)]
- [ ] xleapp-ios-non-free [[Github](https://github.com/flamusdiu/xleapp-ios)]
- [ ] xleapp-android
- [ ] xleapp-android-non-free
- [ ] xleapp-chrome
- [ ] xleapp-chrome-non-free
- [ ] xleapp-returns
- [ ] xleapp-returns-non-free
- [ ] xleapp-vehicles
- [ ] xleapp-vehicles-non-free
- [ ] xleapp-windows
- [ ] xleapp-windows-non-free
## Installation
### Windows
* Python
```powershell
PS> py -3 -m pip install xleapp
PS> py -3 -m pip install xleapp-
```
* PIPX
```powershell
PS> py -3 -m pip install pipx
PS> pipx install xleapp
PS> pipx inject xleapp xleapp-
```
### Linux
* Python
```bash
$ python3 -m pip install xleapp
$ python3 -m pip install xleapp-
```
* PIPX
```bash
$ python3 -m pip install pipx
$ pipx install xleapp
$ pipx inject xleapp xleapp-
```
## Installation from Github and Development Information
* [Windows](docs/current/windows.md)
* [Linux](docs/current/linux.md)
## VS Code configuration files
There are several [configuration files](https://github.com/flamusdiu/xleapp-project) that I have been using for VS Code.
## Compile to executable
**NOTE:** This may not work at this time with this alpha version.
To compile to an executable so you can run this on a system without python installed.
To create xleapp.exe, run:
```bash
pyinstaller --onefile xleapp.spec
```
To create xleappGUI.exe, run:
```bash
pyinstaller --onefile --noconsole xleappGUI.spec
```
## Usage
### CLI
```bash
$ xleapp -h
usage: xleapp [-h] [-I] [-R] [-A] [-C] [-V] [-o OUTPUT_FOLDER] [-i INPUT_PATH]
[--artifacts [ARTIFACTS ...]] [-p] [-l] [--gui] [--version]
xLEAPP: Logs, Events, and Plists Parser.
optional arguments:
-h, --help show this help message and exit
-I parse ios artifacts
-R parse Warrant Returns / User Generated Archives artifacts
-A parse android artifacts
-C parse Chromebook artifacts
-V parse vehicle artifacts
-o OUTPUT_FOLDER, --output_folder OUTPUT_FOLDER
Output folder path
-i INPUT_PATH, --input_path INPUT_PATH
Path to input file/folder
--artifact [ARTIFACT ...]
Filtered list of artifacts to run. Allowed: core,
-p, --artifact_paths Text file list of artifact paths
-l, --artifact_table Text file with table of artifacts
--gui Runs xLEAPP into graphical mode
--version show program's version number and exit
```
### GUI
This needs work and may not work properly!
```bash
$ xleapp --gui
```
### Help
```bash
$ xleapp.py --help
```
The GUI will open in another window.
## Acknowledgements
This tool is the result of a collaborative effort of many people in the DFIR community.
This product includes software developed by Sarah Edwards (Station X Labs, LLC, @iamevltwin, mac4n6.com) and other contributors as part of APOLLO (Apple Pattern of Life Lazy Output'er).
%prep
%autosetup -n xleapp-0.2.1
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-xleapp -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Fri Jun 09 2023 Python_Bot - 0.2.1-1
- Package Spec generated