[1.3.0] - 2025-01-27
Added
- UAL-Analyzer: UserAgent-Blacklist.csv
- UAL-Analyzer: MailItemsAccessed → AppId-AppDisplayName (Stats)
- UAL-Analyzer: ClientInfoString and Mailbox Synchronization detection of eM Client (Traitorware)
- EntraAuditLogs-Analyzer: UserAgent-Blacklist.csv
- EntraAuditLogs-Analyzer: Activity (Line Chart)
- EntraSignInLogs-Analyzer: UserAgent-Blacklist.csv
- EntraSignInLogs-Analyzer: SignInEventTypes (Stats)
Fixed
- ReadTheDocs links of the Microsoft-Extractor-Suite documentation updated
- Multiple minor fixes and improvements
Fig 1: ClientInfoString (Stats) → 'Client=OWA;Action=ViaProxy' and 'Client=WebServices;eM Client'
Fig 2: Investigating Mailbox Synchronization (MailItemsAcessed by ApplicationId → Count by InternetMessageId)