Scripts4CF

A simple web site for collecting useful scripts and tools for the computer forensics By Nanni Bassetti

1. »Introduction
2. »Bash scripts & tools
3. »About
4. »Contact

BASH SCRIPTS AND TOOLS

 

Raw2FS 1.2(new!) - Bash script - It's possible to resolve the file name starting from the carved file name generated by the Foremost tool and save it, it generates an HTML report. It's possible to resolve the file name starting from the offset of a "grep" keywords search. The tool identifies automatically the change of the partition and, if the keyword is contained into the slack space, saves the sector/cluster/block where it is. (remember that for fat -> sector, ntfs -> cluster, ext2/3 -> block) (TSK based)
MD5: 72EF33F7AD0F2F429BAECA282DC9B496 (29/04/2009 updated!)

MultiFS 1.1 (new!)- Bash script - this tool can detect and extract the hidden file systems. (TSK based)
MD5: 70A2DB818E1A045249EB26DA8D45427A

SFDumper 2.1(new!) - Bash script - this is a selective file retriever, it works on active, deleted and carved files. It can do a keyword search among the files retrieved. (TSK based)
MD5: 1037A96DFE56F0E53D90672884996DDD

FUNDL 2.0 - Bash script - this is a selective deleted file retriever, HTML reporting. (TSK based)
MD5: CFFACDE9290D96CBF20D332910139F27

PXS Installer 1.5.1 - Bash script - this is the easier way to install PTK on Ubuntu workstation, using XAMMP as web server. This script install PTK, Stk, libewf, afflib, XAMMP and all packages required.
MD5: CA14F76AB3098E1A36A45B18CE2D8233

FKLook - Bash script - by this script you can search for a keyword in many files and it copies only the files those match with the keyword, in a separated directory you chose.
MD5: 6748FAB3CE858BE4DC0A999436E39440

Offset_Brute_Force - Bash script - This is a dumb and dirty bash script born to brute force the partition offset looking for an hidden partition and trying to mount it. Example: $ ./force.sh pen-drive.dd 0 4194304
MD5: 7EAF4CF4E3171F712166A71D25E3343F

fod v.0.2(new!) - Bash script - "fod" stay for "Foremost output divide". This is a simple script for splitting foremost output directory's contents into subdirectories with a defined number of files for each type of format file.
MD5: ff150dccf6774d55a7409d740132a10a

If you want give us a feedback or you would like to upload one of your scripts/tools for the digital forensics, please use the link CONTACT.

 

� Nanni Bassetti - http://www.nannibassetti.com.

Template design by Six Shooter Media.