Digital Forensics Framework

이성권 2014. 11. 29. 01:10

http://www.digital-forensic.org/

Take control of your software

(Re)Discover digital investigation

DFF (Digital Forensics Framework) is free and open source computer forensics software built on top of a dedicated Application Programming Interface (API).

It can be used by both professionals and non-experts to quickly and easily collect, preserve and reveal digital evidence without compromising systems and data.

Preserve digital chain of custody

Software write blocker, cryptographic hash calculation

Access to local and remote devices

Disk drives, removable devices, remote file systems

Read standard digital forensics file formats

Raw, EnCase EWF, AFF 3 file formats

Virtual machine disk reconstruction

VMware (VMDK) compatible

Windows and Linux OS forensics

Registry, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems

Quickly triage and search for (meta-)data

Regular expressions, dictionaries, content search, tags, time-line

Recover hidden and deleted artifacts

Deleted files / folders, unallocated space, carving

Volatile memory forensics

Processes, local files, binary extraction, network connections

DFF comes with a set of dedicated development libraries (API) allowing everyone to customize and enhance the software.

Object Oriented programming languages

Choose your favorite language: C++ and/or Python

Access to DFF’s Virtual File System (VFS)

Browse and manage DFF’s tree

File signature auto-detection

Read file signatures using the Magic library

Advanced search grammar and library

Filter and look for (meta-)data in the VFS

Meta-data management

Access and manage node attributes

Tagging library

Tag DFF’s files and folders

Tasks manager

Load and apply plug-ins at runtime

Benefits

Cross-platform architecture
Choose your OS (Windows or Linux)
Open Source
Control and improve the software
Modular & scriptable
Customize to fit your needs
Lightweight & scalable
From flash drives to large scale architectures
Intuitive & simple interfaces
From non-experts to professionals

Technologies

Python

Easy, interpreted programming language

Qt Framework

Cross-platform UI framework

C++

Compiled programming language
