Hindsight 2021.01.16

obsidianforensics released this 18 Jan 18:21

The 2021.01.16 release of Hindsight adds some new features, including improved LevelDB parsing (including deleted!), viewing Hindsight results in the web UI, and more! Blog post with more info.

Details:

  • Switch to using CCL Forensics' LevelDB parsing code; this makes parsing use fewer dependencies & allows recovery of some deleted records
  • Add ability to view results of parsing in the Hindsight web UI, using a SQL-like interface
  • Add parsing of new Media History database
  • Add support for Chrome 84 - 87
  • Parse additional login items using the stats table
  • Improve Bookmarks parsing to include synced bookmarks
  • Add flag (enabled by default) for copying SQLite databases to a temp directory before opening them
  • Change default logging & output directories to be the current working directory

Both the GUI and command line versions of this release are available as:

  • compiled EXEs, attached to this release or in the dist/ folder
  • .py versions, available via pip install pyhindsight or by downloading/cloning the GitHub repo

EDIT: Windows Defender has been flagging the EXEs as malware, presumably because they were packaged with PyInstaller. The Python script versions are not being flagged. If you'd like to build the EXEs from the Python code yourself, all I did was: pyinstaller --distpath .\dist .\spec\hindsight.spec from the root of the repo.