Open Computer Forensics Architecture
The Open Computer Forensics Architecture (OCFA) is a distributed open-source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police. Architecture: OCFA consists of a back end for the Linux platform; it uses a PostgreSQL database for data storage, a custom content-addressable storage or CarvFS-based data repository, and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues. The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img, and mbx2mbox. OCFA is extensible in C++ or Java. See also: List of digital forensics tools. During the 1980s, most digital forensic investigations consisted of "live analysis", examining digital media directly using non-specialist tool ...



National Police Corps (Netherlands)
National Police Corps (Dutch: Korps Nationale Politie), colloquially known in English as the Dutch National Police or National Police Force, is divided into ten regional units, a central unit, the police academy, police services center, and national control room cooperation. The law-enforcement purposes of these agencies are the investigation of suspected criminal activity, referral of the results of investigations to the courts, and the temporary detention of suspected criminals pending judicial action. Law enforcement agencies, to varying degrees at different levels of government and in different agencies, are also commonly charged with the responsibilities of deterring criminal activity and preventing the successful commission of crimes in progress. The police commissioner (eerste hoofdcommissaris) in the Netherlands has been Henk van Essen since May 1, 2020. Besides police officers, the Netherlands has about 23,500 peace officers. These officers have a Special Enforcement Officer (SEO) status ...


The Sleuth Kit
The Sleuth Kit (TSK) is a library and collection of Unix- and Windows-based utilities for extracting data from disk drives and other storage so as to facilitate the forensic analysis of computer systems. It forms the foundation for Autopsy, a better known tool that is essentially a graphical user interface to the command line utilities bundled with The Sleuth Kit. The collection is open source and protected by the GPL, the CPL and the IPL. The software is under active development and it is supported by a team of developers. The initial development was done by Brian Carrier who based it on The Coroner's Toolkit. It is the official successor platform. The Sleuth Kit is capable of parsing NTFS, FAT/ExFAT, UFS 1/2, Ext2, Ext3, Ext4, HFS, ISO 9660 and YAFFS2 file systems either separately or within disk images stored in raw (dd), Expert Witness or AFF formats. The Sleuth Kit can be used to examine most Microsoft Windows, most Apple Macintosh OSX, many Linux and some other UNI ...


Digital Forensics Software
Digital usually refers to something using discrete digits, often binary digits. Technology and computing Hardware *Digital electronics, electronic circuits which operate using digital signals **Digital camera, which captures and stores digital images ***Digital versus film photography **Digital computer, a computer that handles information represented by discrete values **Digital recording, information recorded using a digital signal Socioeconomic phenomena *Digital culture, the anthropological dimension of the digital social changes *Digital divide, a form of economic and social inequality in access to or use of information and communication technologies *Digital economy, an economy based on computing and telecommunications resources Other uses in technology and computing *Digital data, discrete data, usually represented using binary numbers *Digital marketing, search engine & social media presence booster, usually represented using online visibility. *Digital media, media sto ...


List Of Digital Forensics Tools
During the 1980s, most digital forensic investigations consisted of "live analysis", examining digital media directly using non-specialist tools. In the 1990s, several freeware and other proprietary tools (both hardware and software) were created to allow investigations to take place without modifying media. This first set of tools mainly focused on computer forensics, although in recent years similar tools have evolved for the field of mobile device forensics. This list includes notable examples of digital forensic tools. Forensics-focused operating systems Debian-based * Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, formerly known as BackTrack. * Parrot Security OS is a cloud-oriented Linux distribution based on Debian and designed to perform security and penetration tests, do forensic analysis, or act in anonymity. It uses the MATE Desktop Environment, Linux Kernel 4.6 or higher and it is available as a live li ...



Java (programming Language)
Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. It is a general-purpose programming language intended to let programmers "write once, run anywhere" (WORA), meaning that compiled Java code can run on all platforms that support Java without the need to recompile. Java applications are typically compiled to bytecode that can run on any Java virtual machine (JVM) regardless of the underlying computer architecture. The syntax of Java is similar to C and C++, but has fewer low-level facilities than either of them. The Java runtime provides dynamic capabilities (such as reflection and runtime code modification) that are typically not available in traditional compiled languages. , Java was one of the most popular programming languages in use according to GitHub, particularly for client–server web applications, with a reported 9 million developers. Java was originally developed ...




Antiword
Antiword is a free software reader for proprietary Microsoft Word documents, and is available for most computer platforms. Antiword can convert the documents from Microsoft Word version 2, 6, 7, 97, 2000, 2002 and 2003 to plain text, PostScript, PDF, and XML/DocBook (experimental). Overview: The Word format is proprietary and only officially supported on Microsoft Windows and Macintosh operating systems. Reading the format on other systems can be difficult or impossible. Antiword was created to support reading this format on these systems. Using the plain text output of Antiword, a Word document can be processed and filtered using shell scripts and traditional text tools such as diff and grep. It can also be used to filter Word document spam. Development has stagnated and no official release has been made since 2005. See also * wv - library for converting Microsoft Word Microsoft Word is a word processing ...


RAR (file Format)
RAR is a proprietary archive file format that supports data compression, error correction and file spanning. It was developed in 1993 by Russian software engineer Eugene Roshal and the software is licensed by win.rar GmbH. The name RAR stands for Roshal Archive. File format: The filename extensions used by RAR are .rar for the data volume set and .rev for the recovery volume set. Previous versions of RAR split large archives into several smaller files, creating a "multi-volume archive". Numbers were used in the file extensions of the smaller files to keep them in the proper sequence. The first file used the extension .rar, then .r00 for the second, and then .r01, .r02, etc. RAR compression applications and libraries (including GUI based WinRAR application for Windows, console rar utility for different OSes and others) are proprietary software, to which Alexander L. Roshal, the elder brother of Eugene Roshal, owns the copyright. Version 3 of RAR ...



Gzip
gzip is a file format and a software application used for file compression and decompression. The program was created by Jean-loup Gailly and Mark Adler as a free software replacement for the compress program used in early Unix systems, and intended for use by GNU (from where the "g" of gzip is derived). Version 0.1 was first publicly released on 31 October 1992, and version 1.0 followed in February 1993. The decompression of the gzip format can be implemented as a streaming algorithm, an important feature for Web protocols, data interchange and ETL (in standard pipes) applications. File format: gzip is based on the DEFLATE algorithm, which is a combination of LZ77 and Huffman coding. DEFLATE was intended as a replacement for LZW and other patent-encumbered data compression algorithms which, at the time, limited the usability of compress and other popular archivers. "gzip" is often also used to refer to the gzip file format, which is: * a 10-byte header, contai ...


Tar (computing)
In computing, tar is a computer software utility for collecting many files into one archive file, often referred to as a tarball, for distribution or backup purposes. The name is derived from "tape archive", as it was originally developed to write data to sequential I/O devices with no file system of their own. The archive data sets created by tar contain various file system parameters, such as name, timestamps, ownership, file-access permissions, and directory organization. POSIX abandoned tar in favor of pax, yet tar sees continued widespread use. History: The command-line utility was first introduced in the Version 7 Unix in January 1979, replacing the tp program (which in turn replaced "tap"). The file structure to store this information was standardized in POSIX.1-1988 and later POSIX.1-2001, and became a format supported by most modern file archiving systems. The tar command was abandoned in POSIX.1-2001 in favor of pax command, which was to support ust ...




7-zip
7-Zip is a free and open-source file archiver, a utility used to place groups of files within compressed containers known as "archives". It is developed by Igor Pavlov and was first released in 1999. 7-Zip has its own archive format called 7z, but can read and write several others. The program can be used from a Windows graphical user interface that also features shell integration, from a Windows command-line interface as the command 7za.exe, and from POSIX systems as p7zip. Most of the 7-Zip source code is under the LGPL-2.1-or-later license; the unRAR code, however, is under the LGPL-2.1-or-later license with an "unRAR restriction", which states that developers are not permitted to use the code to reverse-engineer the RAR compression algorithm. Since version 21.01 alpha, preliminary Linux support has been added to the upstream instead of the p7zip project. Archive formats 7z By default, 7-Zip creates 7z-format archives with a .7z file extension. Each archive can con ...


Objdump
objdump is a command-line program for displaying various information about object files on Unix-like operating systems. For instance, it can be used as a disassembler to view an executable in assembly form. It is part of the GNU Binutils for fine-grained control over executables and other binary data. objdump uses the BFD library to read the contents of object files. Similar utilities are Borland TDUMP, Microsoft DUMPBIN and readelf. Note that on certain platforms (e.g. macOS), the objdump binary may actually be a link to llvm's objdump, with different command-line options and behavior. Example: For example,
$ objdump -D -M intel file.bin | grep main.: -A20
This performs disassembly on the file «file.bin», with the assembly code shown in Intel syntax. The output is then piped to grep, which searches for the main function and displays 20 lines of its code. Example output:
4004ed: 55 push rbp
4004ee: 48 89 e5 mov rbp,rsp
4004f1: c7 45 ec ...