Difference between pages "Hashdb" and "Libsmraw"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Created page with "{{Infobox_Software | name = hashdb | maintainer = Bruce Allen | os = {{Linux}}, {{Windows}}, {{Mac OS X}} | genre = {{Analysis}} | license = {{Public Domain}} |...")
 
 
Line 1: Line 1:
 
{{Infobox_Software |
 
{{Infobox_Software |
   name = hashdb |
+
   name = libsmraw |
   maintainer = [[Bruce Allen]] |
+
   maintainer = [[Joachim Metz]] |
   os = {{Linux}}, {{Windows}}, {{Mac OS X}} |
+
   os = [[Linux]], [[FreeBSD]], [[NetBSD]], [[OpenBSD]], [[Mac OS X]], [[Windows]] |
   genre = {{Analysis}} |
+
   genre = {{Disk imaging}} |
   license = {{Public Domain}} |
+
   license = {{LGPL}} |
   website = [https://github.com/simsong/hashdb/wiki https://github.com/simsong/hashdb/wiki] |
+
   website = [https://code.google.com/p/libsmraw/ code.google.com/p/libsmraw/] |
 
}}
 
}}
  
'''hashdb''' is a tool for finding previously identified blocks of data in media such as disk images. '''hashdb''' provides the following:
+
The '''libsmraw''' package contains a library and applications to read and write (split) RAW storage media bitstream copies.
 +
Libsmraw contains supports for multiple (split) RAW naming schemes.
  
* The '''hashdb''' tool used to create hash databases, import block hashes, provide lookup services, and otherwise manage block hash databases.
+
== History ==
* The '''hashdb''' library that allows other programs to create hash databases or scan for block hashes. The '''hashid''' scanner is a '''bulk_extractor''' plugin that uses '''libhashdb''' to search for previously identified blocks of data.
+
  
== See Also ==
+
Libsmraw was created by [[Joachim Metz]] in 2010, while working for [http://en.hoffmannbv.nl/ Hoffmann Investigations].
* [[Bulk Extractor]], the feature extraction tool.
+
Libsmraw is a rewrite of earlier work for the proof-of-concept multi-threaded imager: GNOME Forensic Imager.
 +
 
 +
== Tools ==  
 +
The '''libsmraw''' package contains the following tools:
 +
* '''smrawmount''', which FUSE mounts (split) RAW image files.
 +
 
 +
The '''libsmraw''' package also contains the following bindings:
 +
* '''pysmraw''', bindings for Python.
 +
 
 +
== Examples ==
 +
 
 +
FUSE mounting a split RAW image (libsmraw 20110916 or later)
 +
<pre>
 +
smrawmount image.raw.000 mount_point
 +
</pre>
 +
 
 +
Or:
 +
<pre>
 +
smrawmount image.raw.??? mount_point
 +
</pre>
 +
 
 +
== Also See ==
 +
[[Raw_Image_Format | RAW Image format]]
  
 
== External Links ==
 
== External Links ==
  
* [https://github.com/simsong/hashdb/wiki Official website]
+
* [https://code.google.com/p/libsmraw/ Project site]

Revision as of 08:45, 21 June 2014

libsmraw
Maintainer: Joachim Metz
OS: Linux, FreeBSD, NetBSD, OpenBSD, Mac OS X, Windows
Genre: Disk imaging
License: LGPL
Website: code.google.com/p/libsmraw/

The libsmraw package contains a library and applications to read and write (split) RAW storage media bitstream copies. Libsmraw contains supports for multiple (split) RAW naming schemes.

History

Libsmraw was created by Joachim Metz in 2010, while working for Hoffmann Investigations. Libsmraw is a rewrite of earlier work for the proof-of-concept multi-threaded imager: GNOME Forensic Imager.

Tools

The libsmraw package contains the following tools:

  • smrawmount, which FUSE mounts (split) RAW image files.

The libsmraw package also contains the following bindings:

  • pysmraw, bindings for Python.

Examples

FUSE mounting a split RAW image (libsmraw 20110916 or later)

smrawmount image.raw.000 mount_point

Or:

smrawmount image.raw.??? mount_point

Also See

RAW Image format

External Links