From c5f01690971a84efe7247e764b081fefd31a8e20 Mon Sep 17 00:00:00 2001
From: angry-bender <angry-bender>
Date: Mon, 10 May 2021 14:00:39 +0930
Subject: [PATCH 1/3] Added all Tools bar kape

---
 Get-Forensics-Tools.ps1 |  6 +++++-
 packages.json           | 37 ++++++++++++++++++++++++++++++++-----
 2 files changed, 37 insertions(+), 6 deletions(-)

diff --git a/Get-Forensics-Tools.ps1 b/Get-Forensics-Tools.ps1
index d7e8e88..c4d3429 100644
--- a/Get-Forensics-Tools.ps1
+++ b/Get-Forensics-Tools.ps1
@@ -56,6 +56,10 @@ function Install-MSI([string] $name, [string]$msiargs)
         Write-Host "Installing $($installer.name), Please Wait"
         Start-Process "$($pwd)\$($installer.name)"  -ArgumentList "$($msiargs)" -wait
         $status = "$($name) Intalled by MSI"
+        #Checks for msi opening browsers
+        Start-Sleep 5
+        $browser = Get-Process | Where-Object {$_.MainWindowTitle -like "*$($name)*"}
+        $browser | stop-process -force
 
     }
     elseif($dircontents.Extension -like "*.msi*")
@@ -143,7 +147,7 @@ function Get-GitPackage($package)
     # $name = $webresponse[0].name
     $releasetype = $webresponse[0].assets[$($package.releasenum)].content_type
 
-    if($releasetype -like "application/zip") 
+    if($releasetype -like "application/zip" -or $releasetype -like "binary/octet-stream" -or $releasetype -like "application/x-zip-compressed") 
     {
         $package.type = "zip"
         Get-CompressedDownload $package "$($download)"
diff --git a/packages.json b/packages.json
index b9ca18f..9fd0215 100644
--- a/packages.json
+++ b/packages.json
@@ -17,7 +17,23 @@
             "msiargs":"/silent",
             "type":"",
             "status":""
-        }
+        },
+        {
+			"Owner":"gchq",
+			"Name":"CyberChef",
+			"ReleaseNum":0,
+            "ismsi":false,
+            "type":"zip",
+            "status":""
+		},
+        {
+			"Owner":"woanware",
+			"Name":"wmi-parser",
+			"ReleaseNum":0,
+            "ismsi":false,
+            "type":"zip",
+            "status":""
+		}
     ],
     "WebPackages":
     [
@@ -65,7 +81,7 @@
             "status":""
         },
         {
-            "Name":"SearchEverything",
+            "Name":"Search Everything",
             "url":"https://www.voidtools.com/downloads",
             "scrapewebsite":true,
             "linkmember":"outerHTML",
@@ -77,14 +93,15 @@
             "status":""
         },
         {
-            "Name":"Thumbcacheviewer",
+            "Name":"Thumb cache viewer",
             "url":"https://thumbcacheviewer.github.io/",
             "scrapewebsite":true,
             "linkmember":"outerHTML",
             "likefilter":"64",
             "notfilter":null,
             "type":"zip",
-            "ismsi":false
+            "ismsi":false,
+            "status":""
         },  
         {
             "Name":"Arsenal",
@@ -94,7 +111,17 @@
             "likefilter":"button_0",
             "notfilter":null,
             "type":"zip",
-            "ismsi":false
+            "ismsi":false,
+            "status":""
+        },
+        {
+            "Name":"Kernel OST Viewer",
+            "url":"https://www.nucleustechnologies.com/downloads/freekernelostviewer.exe",
+            "scrapewebsite":false,
+            "type":"exe",
+            "ismsi":true,
+            "msiargs":"/VERYSILENT",
+            "status":""
         }        
     ],
     "ChocoPackages":

From 2a2e2a884823c0efb34f47934f3760131f314b00 Mon Sep 17 00:00:00 2001
From: angry-bender <angry-bender>
Date: Mon, 10 May 2021 14:01:03 +0930
Subject: [PATCH 2/3] V9.1 update

---
 README.md | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 77fbbdd..f03a1b0 100644
--- a/README.md
+++ b/README.md
@@ -1,16 +1,16 @@
-# WINSIFT ForensicsSetup Beta 0.9.0
+# WINSIFT ForensicsSetup Beta 0.9.1
 
 ![image](https://user-images.githubusercontent.com/18164137/116410447-f0d30a00-a873-11eb-9c6f-d496838549a5.png)
 
 
 ## Contents
 
-- [WINSIFT ForensicsSetup Beta 0.9.0](#winsift-forensicssetup-beta-043)
+- [WINSIFT ForensicsSetup Beta 0.9.1](#winsift-forensicssetup-beta-091)
   - [Contents](#contents)
   - [KNOWN ISSUES](#known-issues)
     - [Choco packages that are broken #18](#choco-packages-that-are-broken-18)
     - [Package issues](#package-issues)
-    - [Nimi Places](#Nimi-Places)
+    - [Nimi Places](#nimi-places)
   - [Announcements](#announcements)
     - [In Development](#in-development)
     - [Feedback / tool Requests](#feedback--tool-requests)
@@ -18,11 +18,9 @@
   - [Pre-requisites](#pre-requisites)
   - [Usage](#usage)
   - [Description](#description)
-      - [Licenced Software (Included) - Free Licence - Non-Commercial Use](#licenced-software-included---free-licence---non-commercial-use)
       - [Licenced Software (Not Included)](#licenced-software-not-included)
     - [Unlicenced Software (Included)](#unlicenced-software-included)
     - [GUI Tools Included](#gui-tools-included)
-    - [Unlicenced Software (In Progress)](#unlicenced-software-in-progress)
   - [Developer contact](#developer-contact)
 
 ## KNOWN ISSUES

From dac2561441101531ce65688a9fd875721b643cde Mon Sep 17 00:00:00 2001
From: angry-bender <angry-bender>
Date: Mon, 10 May 2021 14:11:16 +0930
Subject: [PATCH 3/3] Updated Shortcuts

---
 Forensics Tools.zip | Bin 47086 -> 48838 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/Forensics Tools.zip b/Forensics Tools.zip
index c5e931268f145ded4d8bb8cf91515ff4557cf05e..9415264d0b6af5c95213f64ff5d8e6cf0048215b 100644
GIT binary patch
delta 2948
zcmZ{ldpuNmAIHy}88cXCTpBf!8J7}rH|tWlOh~d3F+_<NQP{8#qKqzUbJ<*ek6X$m
zgb`*&Sdk*yimYtR6K#66T~t<yLeV^Dj>hh@&-0u=&hI<#&-eHJeSg36{mpms4SaJE
zMs~X32^2{DgdXPd5i$v{5XEhzkp_s01&6sF57Ii=g)jttBLzWL09Q-_b|f;#{>XlI
zw0$T$WM8b6p{b>zv0><U5#fg6k%!Lj+PiI66vfuNXOCP_!1L`f=2BW$B4X}0`|ge#
zF@LTtWV)pI6{$9we><*ZQB8Z@DP1u?NYdy%{NM&W)hWC0M~d#ihX5)|UIs~jq`6Ua
zq`{<V|EB!us9&sSXWL#Zyx~KT7snrRxTv9J5LZSBrtbOa<H2#yY0dXnG?ISKpvfN4
z8aud3Hzwg~)`{>|hg|y|qk;(k4~{|ul_TEp50tb|9+q9>=XhQVrG0Y*zYY1xLm}*p
z=0gR76Vhqwi|=TO^@g3atY3ZX{nGDE{_E7?qtDe@F#~ux!a$<?-T)H0L4Af3=(x_(
z!smH~Qb2!6Scpp3{>QtOCT0f-i5JfBDApSsHazNn;#aCm)O?Ji&nRine3px)c-o~X
zvcZr52_FglR%*Pjt0Y%x;bVEl$tMvZd@1^;agxEntx{&K9b!k_qR{<HFWR!bDxOo|
z6kVQImgCA=W0d5)O-cUxo%hBZTz_xt#F|wTF{X-{4f!&23mi@FYk91&P$@O(AF`gU
z9f-FQg@~-;Uzj6SF$bgR!{hG)q8eI04|HahyVSYIs!i*v4$%x+MIY@&QF?k`BRw|x
zMcwCvV%#D#s&i`Dzl_}+s;NwUDk}DV!ac2E`@PSd56!VXzKg*hC;V@hbDH4U$0vuT
zek~YtK7DZK?9-zHsLeetyEK)0?^7Q!r@|**?@~$e0w4C0+P!Cd>*_6?olqoC@xYMm
z$_%-}mwTB?bXT)Je6B2`Yd<i)X<?plZ?rV?s&0`_a+n`C+UCUkBJ8JSSNsBu?o&UV
zC#nv1y!CcwnEiWD&<Zu7{AM{;kd2*eMljtrBdy!3#5d(xOD%`o`?G0V@3qh<{f39<
zCXC%~*T+#qZsvazEdPBZ_uZtnUlLwi>|k#hRY1;($M1~dg4`4f^2123he~q2e>z&`
z0s_cRSP9;y$Z=fQ(UI(Mb+=uf>Z~w!96MTE-gV;gc3&gfXXY`(bk+=f;>g_7G}>`?
zbX&oty1KgN$&?IgHb0#lySI<zbZSP)V+QxVschIOPhV>)p+}$avXb<=QorjgTS`jC
z(a8M5SZkZJdA0R-WKqM|{M_O%qI18m*Q_r);ZwxXsBAT2PG#M7o-Kdaf26+aJ(Jw_
z+{*WM`{1>to6p*!@4#n<n^pJVza~u|U%%j#*gkn@T5p6a%=~&Vw#s^YrGY)M$2IM%
zvk9_k$A8-|%*r0O^xCz~z?MpGpK(n~UyX~&3sDIgdNmU1*s^C$nR=y;^VI?CwOSDt
zJ-SRKgmeAdD#q^HTYUTe0lmZ*+gW616Vh})n-6N3W+@MLl935-|Fgpz-?erhGZZP5
z^3Dni;<p3@=^ODQ@H1CzU0E@0g-0K6cef34(8kFIT4%QZZby7j(3MNH*zn@nqQ&T(
zmtm)Jl%k{X?cHYMj?-P<?!JAdbA)lmscraduU<|Kt7;M?->*H8pxP=bKXd%2>j8QX
zie6<OiQBA!y!|7r)=~Anb4`+NCuvJy$0kE$dyR)f)?mOx7dT<&&6U2|jJ&A((a)=&
zUGH}lh`eK2g7*#&40!TG?}pX=W7k-Iu=ab4yeXW|xz-Y$_oJF#-bPjTUb>kd!YAJj
zFr_zh_;b@O{gn^zZGAJJJ&QaVIk_UPX<x}5q3w{HEzRPZ&rfFW8>Xx#+<#nj>p}~B
zplFxk?B%gneahzkp}n_aCR994FN8=Z25Phu@WD<~`*_kFGMpR4L-s8?)rwLk_!bj+
z-^^_!dCphGDtyJ?ZVulN+OI0wu_O2(Xn#FixK6A15bX!!M};=O5!y3%yya!`<D0Iq
zru(f&66$M=M>bA<vKPrTcBOQz#H0V*;N<yDD`|6a`Cg7foMenQi$Q;b`{zT5{_l7N
zsA*TsA)c=E+{tnTJ;kZ?B~ysAeOTD{Vv`WJ(*+0HLQCxcZ3AGSQ5BpnF(NxD_3UDy
zftN<mQ*unIVAUBkh*RlFqT`Y|P#R~sWD0RFn@j%|Pa68KZUU{v+71M%Lx5AZZu9?d
zDzd1H_`yL`Xt=$kU%W@jQeRT?D$|GWD*%&f4Ny_0CdujNG6vkc0;9AGS`zAXfdTVY
zVzl@IjTrk;MZA?Rl+I8ws#2~gq0DjyEUk*sf^rK99YU!Q4Ws%M#uB=}f&mw5V6?SD
zOG2NZ^r;p`tt!__Xiy~s?$pL8d94aCD5Xf0KTrkH#S~v{1>j$WAU^VU)#`?EUlNVH
z$bi@DV-7tRwI$Q0P%3ML(QQ?F5*lB{fbC5&nq{N}*7FcBSw)hlpHOwDC93Y0kgRG3
zZVO=6XoJ_)suCzy!+_~FSdj2d%2-A(4L_*<nNbev;Ksxp&e<q~&o#@Np>i3pnFFRI
zGZAo<OZjSP7eZX5Vh1p3(g5vTGJI<*=&V%-6I_a<P>Hn+nBaucb->F(0ZTlomPDKk
zPfSO@RXVEX>_F9Th|D>VhLRPR&_nUWqWp158YH^Qfn%2_M48cliq(8nJ@5NP)ss-Q
zItIKt@Czk@2!DByT1O!!4S0*!D6eDSwt~QV4KQD4Ac6Yz3>ZFuO>qsTfcaVkal7&K
zW9lG|e8pZoi-$VIM_>-b27Tfn)mTg|8yGP0JB*%b&>_OPE5x)NrO62x?Tb@J^F@&E
zNCh4ATonTEh|^~B7;xCJFAmb6ghwY5i+aRLH>$9bmlf_Yd2uelhEF0E@H@pGE_?<&
zmI99R?Kk&Z=c7c3TlmM&-)<!Yp-s>OyIWsgYnE@N0!rdja|C)0FD{!DiRVkkySBo=
z#gT^ovx!2G$#NWZG>!m`L$mmw9rdqw`}nVGBR$cDR=Y<1WkFyk(1$ZJ&<G$yuz@J7
z`;dd~@2Y?S>t=$)R864VxLh_yjSTp}5*<xlDK1sOZDhhaIpBB^1)Rx10QvH=v(9A(
z%>Gm1Tn>Wsa+e)tvJfD=hyZ#M6P7AOu?|RUTAo|c#DJZb=nbF@RyDiAQ|B<J%w|7W
juLL#C0KJ6;8<nA^H5RF}g-$ky%%Nyi2(l>`ANaokIW_Oe

delta 1238
zcmX|=e^Aq99LK-kM|ei8?>6nrSW}2GR9G{vdUDo|5lVL9$w}RnMky3wnMrkCq(!85
z>Wm$-PthqLqzw1N<;DQp2Ar37Tz|OuamKV?bZ15eh<{jk-g)*s52O9_eD->M-k;~b
z&-eQb-9<NMQPQRji;|!{q7CXr#iEwot)WcC2oC+G>HH8}5e+!)rciT3j~0Ak4ZM8n
z5$(){s~0D&adGG=YmBWO>0i?SaN<-oc5E5>Y}yK`o%PsK;C9fmvD1#H(uz;gGSj7H
z<H6!8QC)g{$Hr-zy<ul7G`i}N@7$`S)#9!LxGL)(Rvz!FRn3=i@p@ke+rxX>jQ)_|
zrp5%wE#u17bF6Who1mXHPL%;tWHs!kBCwuMXmu0uJe0Y!VMdz@cd3Z(<RaZe#3UGX
z8==NySb)tQf^<4IX2xT|qfXvw@)A_I6e_%BN{{0<-7PK_R(qknD-BK?R50PaA9*ra
zM&&c&<S@@zd<5Ofa^^e=Cw#JU9>&GBhx|M?=F_85Ba5idtXhbyJws5&3I<E^G?3ww
zq|NGBhJRdKKEX#`px%<lyxzY8C*XQNL3%TTZGIDeJo#UC7%>W8$Y=1=$Ckk6kR-k8
zQp7$V6BB;ZHw0BY!MtNl4rsiR^w&7BoxUjJ`D@fazlQmGs}i0)E8~QyJWEi%m5Enu
zX%M5rU&|AdRBW>`VGHCfz;^-!tt(>i-C_ww12X=;jdxE`ad{mWf&~Bafo+7o)bb!f
zaxpXopTn)vrAGP;zf*Fugp%c8?Out8w{ZGqH$8(gn#_X1?p*x#k-bN0?=+?Uml8Au
zN<!H<RPZC4@_vXQ)7FGhz;MWjZR6bBrsl;;Zc2MrVRg+o>)+Qy(2^=nZQEs->XGq=
z{5Uhoy#yWJ!A*Iu8RI7}GwPsJ`yQuPdvmdIj?=|`1RbsAwB}q2)bts!>#ZxSznPjn
zd;d57IwjoelkxRlZXY~HP<36xK8&Nse`1*qN@ovny7Z75=3J7rf9Jp*`<OU+o;N)7
zEx(wWWkQZH|I^Ur@Im;&o|&C0WN{`6I-%~qEBw|r>7S;D9v5SUadxA0VKe%Ucf(La
zI(!tCm9B|vP3$|T3Ah<BKs2mE+w4#fq1PxZW7S|0duxgaL2Zm4L|YqRpVI(;Mr5q}
z`xz>oQG!|+T+KdZ*b^;67aMucuhDX31uz`Th1dFJ92wroW_{dGQ2ji097}`Q{!+B^
xE8etypj@ngV1FL$YJULk4V0ocTDaKNu7pp%PKAa+vx*2rsL~6<?l$(c{{hXB6pH`=