Skip to content

Releases: kacos2000/Jumplist-Browser

LNK & Jumplist Browser

23 Jan 13:41
@kacos2000 kacos2000
v.1.0.6.0
a806359
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

MD5: A87E617AB57A79ABE5664A80F1C160BD
SHA256: 85FA8B73B057AB009630521E7C96132FE18F698E5542A1B3EE78BEB0D61D9E1E

Loading

LNK & Jumplist Browser

22 Jan 08:27
@kacos2000 kacos2000
v.1.0.5.0
c86f5fc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Corrected the GUID/Droid Labels as per [MS-DLTW] and [MS-SHLLINK] to VolumeID & File ObjectID
    (for both LNK TrackerDataBlock & automaticDestinations-ms DestList stream entries):

    Example MFT record - LNK:

*`MAC address Manufacturer info is sourced from 'maclookup.app'

MD5: 440AEABF6D67FFD34342565A4037F1A7
SHA256: AD894B4073636381E8E58F47227AF03251073B3C7C44B62786C491363B2D7731

Loading

LNK & Jumplist Browser

20 Jan 12:56
@kacos2000 kacos2000
v.1.0.3.0
e38c175
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Added SID translation:
  • a few small corrections

MD5: 1343A08CDB65B7231F0649F354E6B384
SHA256: 06C1AA649D62B6AC98028646877DB5140BEC05EE63198686BCA5653D2E9D1B5A

Loading

LNK & Jumplist Browser

18 Jan 15:14
@kacos2000 kacos2000
v.1.0.2.0
e38c175
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • small correction in 1SPS entries with FormatID: UserDefinedProperties [D5CDD505-2E9C-101B-9397-08002B2CF9AE]
    (mostly seen in 5a2098e080cf7ac4.automaticDestinations-ms)

MD5: 46DE749C7648EB49624EEF301B6A1119
SHA256: D16F11D0C7277AA6BF100DC8D1784CFCD8DEED4DAEED14CCA652A9481C0E8B40

Loading

LNK & Jumplist Browser

15 Jan 15:42
@kacos2000 kacos2000
v.1.0.1.0
a6b9881
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • small corrections

MD5: 3C47E527EDE85BA0720023FDD5450B90
SHA256: 814B8EF4C8C3E7DFFCC413DD425780E86E834BB7F46940E6AE089479981757C6

Loading

LNK & Jumplist Browser

14 Jan 15:36
@kacos2000 kacos2000
v.1.0.0.0
b6d4e1e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Updated Serialized Property (1SPS) parsing
  • Added more HKCU keys to process:
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\Streams'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery'
  • other small changes and corrections

MD5: CA47171D089AEC5A07956965503C13BE
SHA256: C22D640A6A65F9214CDE267F239DC2A6E1C2366B03EE055DB4286E11C378C4A7

Loading

LNK & Jumplist Browser

07 Jan 23:40
@kacos2000 kacos2000
v.0.0.52.0
74dec3b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Updated Serialized Property (1SPS) parsing, including :

  • New WYSIWYG approach to save the tree to a JSON file:
    (Now working with LNK, & Custom & AutomatcDestinations-ms files as well as MRU stuff)

  • Quite a few other small changes and corrections

MD5: 299303359B4DC6CE224A5FE21911D12C
SHA256: 4CAFDCF1B0883B9C86C12800E456458FA64E72B5ECFACEDC00483C98D78C7E4F

Loading

LNK & Jumplist Browser

03 Jan 20:40
@kacos2000 kacos2000
v.0.0.51.0
01fe80c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Added support for some old Item ID Types: 23, 31, 32 & B1 (from Windows 98 ?) :

  • Added an easier way to find Jumplists (if their AppId is already known):

  • Added a basic search function:

  • Added Registry subkey LastWriteTime (UTC) Timestamps:
    (thanks to @shaunhess's function, retrieved from @MattiasC85 .ps1), slightly modified.

  • Files are now sorted by LastWriteTimeUtc (descending)

  • Plus a few other small changes/corrections (like the High-DPI support)

MD5: 6A3173B2C74D4E6F663844DCD6A12623
SHA256: AD0BBB43373480FA0E12066AE9C82AFD03239DF674F6CA3450C41AD6583849E0

Contributors

shaunhess and MattiasC85
Loading

LNK & Jumplist Browser

31 Dec 23:41
@kacos2000 kacos2000
v.0.0.50.0
378a4e9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • The year :)
    Happy 2024!

  • Corrected the 'DosDateTime-FromHex' function:
    ("By default the en-US culture is used by .NET according to which the Date is in Month/Day/Year format" )
    By specifying the CultureInfo, timestamps now display correctly:

  • Corrected/Updated ItemID types [74] (Folder) & [77] (File):

  • Fixed an annoying bug (at last) occurring when searching for some specific CLSID

  • A few other small changes ..

Another 64bit ShellLNK File Size verification example:

MD5: C2D0EC0DD35AB7273D234B29C3DC9686
SHA256: 134A832E10D67B9FE2A99D4559E3E5157404F5EF8A136E03C49FD67FFD32B9E8

Loading

LNK & Jumplist Browser

30 Dec 21:59
@kacos2000 kacos2000
v.0.0.40.0
3f9e64f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
LNK & Jumplist Browser

[Updates]

  • Added more HKCU keys to process:

    • 'Software\Microsoft\Windows\Shell\BagMRU'
    • 'Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidlMRU'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRU'
    • 'Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedPidlMRULegacy'

  • HKCU key value entries are listed according to the their respective 'MRUListEx' entries

  • Added support for LNK AlternateDataStreams, including the ability to export them or view them with Notepad (Zone.Identifier only):


  • Other minor changes

  • To Do reminder:

    • Find a way to read Registry key/value LastWrite timestamps ( v.0..0.51.0)

Another 64bit ShellLNK File Size verification example:
$MFT Record vs OpenSavePidlMRU entry:

MD5: 88A5470E55A3BDF713D2E9E931D95A65
SHA256: B282ED59673D96B032FFAA7ABAE82BAC9C6D978B4D0922DEEF705B2A0EF7B3C2

Loading