New release?

Question

New release?

massimiliano-dalcero opened this issue 9 months ago · 4 comments

massimiliano-dalcero commented 9 months ago

Hello :),
I'm using the cloned and compiled version of go-ntfs and it works fine even with partition offset in "ls command".
I noticed that the current release doesn't work the same way.
There is an idea of when we will be able to have the new release based on the current code replacing the current one from 2020 :)

Thanks & Best regards

Answer 1 · 2024-04-11T00:06:56.000Z

Thanks for bringing up this issue - this library is used heavily in Velociraptor and does not have a real release cycle as such, we just track master in the Velociraptor project. Therefore this library is extensively tested in the Velociraptor project and in production.

The binaries in this project are for casual testing of the library and are not really used for much else. The binaries are actually built on every commit in the github actions tab above

I will update the release notes to make that clearer.

Answer 2 · 2024-04-11T17:39:10.000Z

thank you so much for the quick and kind response 😊.
I use ntfs.exe with satisfaction in forensics and live response activities, and for a question of reliability the fact that the .exe was digitally signed was a plus.
I noticed that the current version is no longer signed. Do you know if there will be a plan to release a signed version as well? 😊

Thank you so much for your patience and everything 🖖

Answer 3 · 2024-04-12T01:40:47.000Z

Our signing pipeline is a bit different now so it is unlikely that I will be able to sign this binary (without creating a whole new release pipeline). As I mentioned the proper way to use this library is with Velociraptor (which is also signed and much more powerful than this simple exe). I recommend you check out Velociraptor if you had not already :-)

Answer 4 · 2024-04-12T03:33:20.000Z

Hello @scudette ,
thanks for your kind feedback 😉
I know very well velociraptor and use it too, but for other and more structured purposes.
Ntfs.exe is a tool that I find convenient for more "manual" tasks and that I use as an alternative to sleuthkit 😊
It's a pity that you can no longer have a digitally signed version, because it was really a "plus" feature that proved useful on a formal context 😊

Thank you so much for your patience and everything 🖖