最終更新:2014-12-08 (月) 04:31:04 (3425d)
Digital Forensics Framework
Top / Digital Forensics Framework
Open Source Digital investigation software
http://www.digital-forensic.org/
機能
Preserve digital chain of custody
- Software write blocker, cryptographic hash calculation
Access to local and remote devices
- Disk drives, removable devices, remote file systems
Read standard digital forensics file formats
- Raw, Encase EWF, AFF 3 file formats
Virtual machine disk reconstruction
- VMware (VMDK) compatible
Windows and Linux OS forensics
- Registry, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems
Quickly triage and search for (meta-)data
- Regular expressions, dictionaries, content search, tags, time-line
Recover hidden and deleted artifacts
- Deleted files / folders, unallocated spaces, carving
Volatile memory forensics
- Processes, local files, binary extraction, network connections
