The Digital Forensics Framework (DFF) is both a digital investigation tool and a development platform. The framework is used by system administrators, law enforcement examiners, digital forensics researchers and students, and security professionals worldwide. Written in Python and C++, it uses only open source technologies.
DFF combines an intuitive user interface with a modular and cross-platform design.
What does it do?
DFF consists of tools, libraries, modules, and user interfaces. The basic function of the framework is to aggregate data and methodically analyze volumes, file systems, and user and application data, while extracting metadata and deleted and hidden items. Data are processed into virtual read-only containers, thereby preserving the integrity and authenticity of the information.
Key DFF features
- User Interface : File browser, bookmarks, dockable windows, Integrated Development Environment and interpreter (Python), command line, multilanguage, task manager.
- Viewers : Images, videos, text, web, file systems statistics
- Timeline analysis : Graphical view, virtual extraction and reduction, metadata filters
- Hexadecimal viewer : Large files support, page navigation, pixel navigation and view, search ...
- Volumes : Partitions, VMDK (VMware)
- File manipulation : Cut, merge, extraction, spares reduction
- Metadata : EXIF, datetime, data structures, etc.
- Volatile memory : Windows XP (volatility)
- File systems : FAT 12/16/32, NTFS, EXTFS 2/3/4
- Data recovery : File systems algorithms, file carving
- Windows registry: Reconstruction and analysis
- Other: Local devices, hash (md5, sha*), zip, unxor