Dff (Digital Forensics Framewor) is a simple but powerfull open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performances and great extensibility
Features
API :
Stackable File System (made multi-layer analysis possible) Environement API for auto-completion and auto generation of Graphical Script Multi-threaded (possiblity to launch modules in background, so investigator can continue to work on the cases even if they launched modules that do heavy computations) Hash calculation possible with different algo (MD5, SHA1, SHA256) File oriented data representation (ex: a zip file can be browse like a normal directory, bypass zip-bomb problem) MAC Times access
Users :
An user-friendly Graphical Interface, with multi-browser and dockable widget A console interface Multi-Platform (Linux, Windowx, futur port on BSD & OS X ) Tagged modules Gallery view File type auto-detection (don’t rely on file extension) Command history
Developers:
API available both in Python and C++ Core API wrote in C++ for enhanced speed Live Scripting : API available and scriptable in live with a python interpreter Easy drivers and script developement through our API Possibility of writing script both in console or in QT for graphical use IDE, with template available for our different type of modules (graphical, console, drivers...)
Available Drivers and Scripts:
FAT 12/16/32 Drivers FTL-Reconstruction and CellPhone file system SMS-Decode SHM (Shared Memory) and more here
Download地址:http://www.digital-forensic.org/download-en.html
扫一扫
933
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
