Forensics and Reporting Guides

Overview

Guides for file format identification, location of deleted files and files fragments, cryptographic hashing, and reporting on potentially private and personally identifying information.

Guides

Analyzing a Disk Image with Brunnhilde

Fiwalk

pyExifToolGUI

HFS Explorer

Bulk Extractor Viewer

Regular Expressions in Bulk Extractor

Understanding Bulk Extractor Scanners

Scanning Disk Images and Directories with Bulk Reviewer

Disk Image Reports

Annotated Features Report

Forensic Reports

FSlint

Access and Export Files from Disk Images

Data Triage (Nautilus)

Create MD5 Sums (Nautilus)

Display a file in Hex editor (Nautilus)

Disk Image Metadata (Nautilus)

Extract Compressed Files (Nautilus)

Live Search for Files (Nautilus)