Difference between revisions of "Dcfldd"

From Forensics Wiki
Jump to: navigation, search
(Rephrased, as the original content was cut'n'pasted from the dcfldd website.)
(Infobox.)
Line 1: Line 1:
 +
{{Infobox_Software |
 +
  name = dcfldd |
 +
  maintainer = [[Nicholas Harbour]] |
 +
  os = [[Linux]], [[Windows]] |
 +
  genre = [[Imaging]] |
 +
  license = [[GPL]] |
 +
  website = [http://dcfldd.sourceforge.net/ dcfldd.sf.net] |
 +
}}
 +
 
'''dcfldd''' is an enhanced version of [[GNU]] [[dd]]. It has some useful features for forensic [[investigator]]s:
 
'''dcfldd''' is an enhanced version of [[GNU]] [[dd]]. It has some useful features for forensic [[investigator]]s:
  
Line 8: Line 17:
 
* The output can be splitted into multiple files.
 
* The output can be splitted into multiple files.
 
* Logs and data can be piped into external applications.
 
* Logs and data can be piped into external applications.
 
== Example ==
 
 
== External Links ==
 
 
* [http://dcfldd.sourceforge.net/ Official website]
 

Revision as of 12:45, 30 March 2006

dcfldd
Maintainer: Nicholas Harbour
OS: Linux, Windows
Genre: Imaging
License: GPL
Website: dcfldd.sf.net

dcfldd is an enhanced version of GNU dd. It has some useful features for forensic investigators:

  • On-the-fly hashing of the transmitted data.
  • Progress bar of how much data has already been sent.
  • Wiping of disks with known patterns.
  • Verification that the image is identical to the original drive, bit-for-bit.
  • Simultaneous output to more than one file/disk is possible.
  • The output can be splitted into multiple files.
  • Logs and data can be piped into external applications.