Update documentation files

actions-user · actions-user · commit 4573541769de · 2025-04-10T16:49:34.000Z
diff --git a/admin/docs/module_info.md b/admin/docs/module_info.md
@@ -9,11 +9,11 @@ The data below is generated by the [@module_info.py](https://github.com/abrignon
 
 Total number of modules: 271  
 Number of v1 artifacts: 88  
-Number of v2 artifacts: 295  
-Number of modules with 'lava output': 258  
-Number of modules using 'artifact_icon': 169  
-Number of modules using 'version': 238  
-Number of modules using 'last_update_date': 70  
+Number of v2 artifacts: 296  
+Number of modules with 'lava output': 259  
+Number of modules using 'artifact_icon': 171  
+Number of modules using 'version': 237  
+Number of modules using 'last_update_date': 72  
 Number of modules with errors or no recognized artifacts: 3  
 
 ## V2 Artifacts Table
@@ -129,6 +129,7 @@ Number of modules with errors or no recognized artifacts: 3
 | [airdropId.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/airdropId.py) | airdropId | Airdrop ID | none | settings |  | 2025-01-28 | Extract Airdrop ID | ``*/mobile/Library/Preferences/com.apple.sharingd.plist`` |
 | [allTrails.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/allTrails.py) | allTrailsTrailDetails | AllTrails - Trail Details | html, tsv, lava | map |  | 2024-12-17 | Extract trail details from AllTrails App | ``*/Documents/AllTrails.sqlite*`` |
 | [allTrails.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/allTrails.py) | allTrailsUserInfo | AllTrails - User Info | all | user |  | 2024-12-17 | Extract user info from AllTrails App | ``*/Documents/AllTrails.sqlite*`` |
+| [appConduit.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/appConduit.py) | appConduit | App Conduit | standard | activity |  | 2025-04-05 | The AppConduit log file stores information about interactions between iPhone and other iOS devices, i.e. Apple Watch | ``*/mobile/Library/Logs/AppConduit/AppConduit.log.*`` |
 | [appGrouplisting.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/appGrouplisting.py) | appGrouplisting | Bundle ID by AppGroup & PluginKit IDs | html, tsv, lava | package |  | 2024-12-20 | List can included once installed but not present apps. Each file is named .com.apple.mobile_container_manager.metadata.plist | ``*/Containers/Shared/AppGroup/*/.com.apple.mobile_container_manager.metadata.plist``, ``*/Containers/Data/PluginKitPlugin/*/.com.apple.mobile_container_manager.metadata.plist`` |
 | [appItunesmeta.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/appItunesmeta.py) | get_appItunesmeta | Apps - Itunes Metadata | standard |  | 0.2 |  | iTunes & Bundle ID Metadata contents for apps | ``*/iTunesMetadata.plist``, ``**/BundleMetadata.plist`` |
 | [appleAlarms.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/appleAlarms.py) | alarms | Alarms | standard | clock |  | 2024-12-22 | Extraction of alarms set | ``*/mobile/Library/Preferences/com.apple.mobiletimerd.plist`` |
@@ -287,7 +288,7 @@ Number of modules with errors or no recognized artifacts: 3
 | [subscriberInfo.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/subscriberInfo.py) | subscriberInfo | Subscriber Info | standard | settings | 0.1 |  | Information about inserted SIM Cards | ``*/wireless/Library/Databases/CellularUsage.db*`` |
 | [sysShutdown.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/sysShutdown.py) | get_sysShutdown | Sysdiagnose - Shutdown Log | none |  | 0.1 |  | Parses the shutdown.log file from Sysdiagnose logs, based off work by Kaspersky Lab https://github.com/KasperskyLab/iShutdown | ``*/shutdown.log`` |
 | [systemVersionPlist.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/systemVersionPlist.py) | systemVersionPlist | System Version plist | standard, tsv, none |  | 5.0 |  | Parses basic data from */System/Library/CoreServices/SystemVersion.plist which is a plist in GK Logical Plus extractions that will contain the iOS ver | ``*/System/Library/CoreServices/SystemVersion.plist`` |
-| [tcc.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/tcc.py) | tcc | Application Permissions | standard |  | 0.7.2 |  | Extract application permissions from TCC.db database | ``*/mobile/Library/TCC/TCC.db*`` |
+| [tcc.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/tcc.py) | tcc | Application Permissions | standard | key |  | 2025-04-07 | Extract application permissions from TCC.db database | ``*/mobile/Library/TCC/TCC.db*`` |
 | [teams.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/teams.py) | teamsMessages | Teams Messages | standard |  | 1.0 |  | Microsoft Teams messages and shared media | ``*/mobile/Containers/Shared/AppGroup/*/SkypeSpacesDogfood/*/Skype*.sqlite*``, ``*/mobile/Containers/Shared/AppGroup/*/SkypeSpacesDogfood/Downloads/*/Images/*`` |
 | [teams.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/teams.py) | teamsContacts | Teams Contacts | standard |  | 1.0 |  | Microsoft Teams contact list | ``*/mobile/Containers/Shared/AppGroup/*/SkypeSpacesDogfood/*/Skype*.sqlite*`` |
 | [teams.py](https://github.com/abrignoni/iLEAPP/blob/main/scripts/artifacts/teams.py) | teamsUser | Teams User Information | standard |  | 1.0 |  | Microsoft Teams user profile and sync data | ``*/mobile/Containers/Shared/AppGroup/*/SkypeSpacesDogfood/*/Skype*.sqlite*`` |
diff --git a/admin/docs/modules_parsing_sqlite_db.md b/admin/docs/modules_parsing_sqlite_db.md
@@ -56,6 +56,7 @@ This document outlines iLEAPP modules parsing SQLite databases using the new `ge
 | sms |
 | splitwise |
 | subscriberInfo |
+| tcc |
 | tileAppDisc |
 | tileAppNetDb |
 | twint |
@@ -143,7 +144,6 @@ This document outlines iLEAPP modules parsing SQLite databases using the new `ge
 | serialNumber |
 | slack |
 | syncDev |
-| tcc |
 | teams |
 | telegramMesssages |
 | teleguard |
