Features

API :

 Stackable File System (made multi-layer analysis possible)

 Environement API for auto-completion and auto generation of Graphical Script  Multi-threaded (possiblity to launch modules in background, so investigator can continue to work on the cases even if they launched modules that do heavy computations)  Hash calculation possible with different algo (MD5, SHA1, SHA256)  File oriented data representation (ex: a zip file can be browse like a normal directory, bypass zip-bomb problem)  MAC Times access

Users :

 An user-friendly Graphical Interface, with multi-browser and dockable widget

 A console interface  Multi-Platform (Linux, Windowx, futur port on BSD & OS X )  Tagged modules  Gallery view  File type auto-detection (don’t rely on file extension)  Command history

Developers:

 API available both in Python and C++

 Core API wrote in C++ for enhanced speed  Live Scripting : API available and scriptable in live with a python interpreter  Easy drivers and script developement through our API  Possibility of writing script both in console or in QT for graphical use  IDE, with template available for our different type of modules (graphical, console, drivers...)

Available Drivers and Scripts:

 FAT 12/16/32 Drivers

 FTL-Reconstruction and CellPhone file system  SMS-Decode  SHM (Shared Memory)

 

Download地址:http://www.digital-forensic.org/download-en.html