DFF (Digital Forensics Framework) is a free and Open Source computer forensics software built on top of a dedicated Application Programming Interface (API). It can be used both by professional and non-expert people in order to quickly and easily collect, preserve and reveal digital evidences without compromising systems and data.
- Preserve digital chain of custody - Software write blocker, cryptographic hash calculation
- Access to local and remote devices - Disk drives, removable devices, remote file systems
- Read standard digital forensics file formats - Raw, Encase EWF, AFF 3 file formats
- Virtual machine disk reconstruction - VmWare (VMDK) compatible
- Windows and Linux OS forensics - Registry, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems
- Quickly triage and search for (meta-)data - Regular expressions, dictionaries, content search, tags, time-line
- Recover hidden and deleted artifacts - Deleted files / folders, unallocated spaces, carving
- Volatile memory forensics - Processes, local files, binary extraction, network connections
Digital Forensics Framework (DFF) is an open source computer forensics software. It advertises the ability to be used by both professionals and non-experts to collect, preserve, and reveal digital evidence without compromising systems and data.
Digital Forensics Framework offers two user interfaces, a graphical one developed in PyQt and providing classical tree view but also more advanced features such as recursive view, tagging, live search or bookmarking. Its command line interface enables to perform digital investigation remotely and comes with usual functionnalities available in common shell such as completion, tasks management, globing or keyboard shortcuts. DFF can also run batch scripts at startup to automate repetitive tasks. Advanced users and developers can also use DFF directly from a Python interpreter to script their investigation.
DFF Blog :: Click HereDFF Wiki :: Click Here
Linux | Windows :: DFF v1.3.0 (Free Edition)
Official Website :: http://wiki.digital-forensic.org/index.php/Main_Page
0 comments :
Post a Comment