News

June 2022

• added page Hardware problems (Asus)
• rebuilt site navigation, new header menu

April 2022

• added Cayman National: Hyper-V exfiltration case study.

March 2022

• new feature: recursive exfiltration of virtual servers hosted on VMware / Hyper-V hypervisors
• improved checking serial numbers of drives behind USB bridges

February 2022

• reworked scheme, how exclusion rules are divided into functional groups (and thus separate repositories) - this includes extensive changes in 3 from 8 existing repositories, and introducing 5 new ones; the new scheme makes it much easier to focus on each functional group separately

January 2022

• added deployment-scripts repository, with initial version of Drive Badger mass deployment tool

December 2021

• all Wiki pages are now mapped as articles on project pages (for both Drive Badger and Funkcjonariusz)
• finished polish translation of all documentation for Funkcjonariusz project

October 2021

• started first Drive Badger national branding project: Funkcjonariusz for Poland
• started restructuring main Wiki into 2 new ones: field manuals (operational manuals and various other content outside products scope) and project (pages related to the overall project, not just the product - News, Roadmap etc.)

September 2021

• added support for filesystem injection (making changes to exfiltrated partitions), along with documentation and a few examples
• reimplemented old hardware drivers for Mobile Badger (now available in a separate repository to avoid possible copyright problems with future drivers), see the new Wiki page

August 2021

• added support for MMC drives
• added detailed comparison between Drive Badger and competitive tools for lawful interception
• finally implemented proper loading of drive encryption keys previously matched to current drive

July 2021

• Windows 11 is officially supported and joins the group of continuously retested systems
• Drive Badger can be run in new mode, as primary OS on Raspberry Pi or any other computer with Debian/Ubuntu - this new mode leverages all configuration and hooks, and brings support for:
  • MTP devices: phones, tablets etc.
  • PTP devices: mainly photo cameras, but also phones etc.
  • external USB drives (when it's impossible to exfiltrate data straight from victim computer)

June 2021

• added support for VeraCrypt encryption

April 2021

• added support for LUKS encryption
• finished the documentation (as planned for the start)

March 2021

• finally added support for exfiltrating Mac OS (including new APFS filesystem and FileVault encryption)

Earlier history

• see full project history since April 2017 on this page