Difference between pages "Dfvfs" and "Libsmdev"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
 
(Created page with "{{Infobox_Software | name = libsmdev | maintainer = Joachim Metz | os = Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows | genre = {{Disk...")
 
Line 1: Line 1:
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = dfvfs |
+
   name = libsmdev |
   maintainer = [[Kristinn Gudjonsson]], [[Joachim Metz]] |
+
   maintainer = [[Joachim Metz]] |
   os = [[Linux]], [[Mac OS X]], [[Windows]] |
+
   os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
   genre = {{Analysis}} |
+
   genre = {{Disk imaging}} |
   license = {{APL}} |
+
   license = {{LGPL}} |
   website = [https://code.google.com/p/dfvfs/ code.google.com/p/dfvfs/] |
+
   website = [https://code.google.com/p/libsmdev/ code.google.com/p/libsmdev/] |
 
}}
 
}}
  
dfVFS, or Digital Forensics Virtual File System, provides read-only access to file-system objects from various storage media types and file formats. The goal of dfVFS is to provide a generic interface for accessing file-system objects, for which it uses several back-ends that provide the actual implementation of the various storage media types, volume systems and file systems.
+
The '''libsmdev''' package contains a library and applications to read storage media devices.
  
dfVFS is currently implemented as a Python module.
+
== History ==
  
== Supported Formats ==
+
Libsmdev was created by [[Joachim Metz]] in 2010, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
The information below is based of version 20140621.
+
Libsmdev is a rewrite of earlier work for the proof-of-concept multi-threaded imager: GNOME Forensic Imager.
  
=== Storage media types ===
+
== Tools ==  
* [[Encase image file format]] or EWF (EWF-E01, EWF-Ex01, EWF-S01) using [[libewf]]
+
The '''libsmdev''' package contains the following tools:
* [[QCOW Image Format]] or QCOW using [[libqcow]]
+
* '''smdevinfo''', which shows information about a storage media device
* [[Raw Image Format]] or (split) RAW using [[libsmraw]]
+
* Storage media devices using [[libsmdev]]
+
* [[Virtual Disk Image (VDI)]] or VHD using [[libvhdi]]
+
* [[VMWare Virtual Disk Format (VMDK)]] using [[libvmdk]]
+
  
=== Volume systems ===
+
== External Links ==
* using [[sleuthkit]] and [[pytsk]]
+
** [[APM]]
+
** [[GPT]]
+
** [[MBR]]
+
* [[BitLocker Disk Encryption]] or BDE using [[libbde]]
+
* [[Windows Shadow Volumes]] or VSS using [[libvshadow]]
+
  
=== File systems ===
+
* [https://code.google.com/p/libsmdev/ Project site]
* using [[sleuthkit]] and [[pytsk]]
+
** [[Extended File System (Ext)]] version 2, 3, 4
+
** [[FAT]]
+
** [[HFS+|HFS, HFS+, HFSX]]
+
** [[New Technology File System (NTFS)]] version 3
+
** [[Unix File System (UFS)]] version 1, 2
+
 
+
== History ==
+
dfVFS originates from the [[plaso|Plaso project]]. It was largely rewritten and made into a stand-alone project to provide more flexibility and allow other projects to make use of the VFS functionality. dfVFS originally was named PyVFS, but that name conflicted with another project.
+
 
+
== See Also ==
+
* [[plaso]]
+
 
+
== External Links ==
+
* [https://code.google.com/p/dfvfs/ Project site]
+
* [https://code.google.com/p/dfvfs/wiki/dfvfs Developing Python code using dfvfs]
+

Revision as of 08:43, 21 June 2014

libsmdev
Maintainer: Joachim Metz
OS: Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows
Genre: Disk imaging
License: LGPL
Website: code.google.com/p/libsmdev/

The libsmdev package contains a library and applications to read storage media devices.

History

Libsmdev was created by Joachim Metz in 2010, while working for Hoffmann Investigations. Libsmdev is a rewrite of earlier work for the proof-of-concept multi-threaded imager: GNOME Forensic Imager.

Tools

The libsmdev package contains the following tools:

  • smdevinfo, which shows information about a storage media device

External Links