Difference between revisions of "PyFlag"

From Forensics Wiki

Jump to: navigation, search

Revision as of 15:49, 21 March 2006

PyFlag is a web-based, database-backed forensic and log analysis GUI written in Python.

Contents

1 Features
2 History
- 2.1 License Notes
3 External Links
- 3.1 External Reviews

Features

File Systems Understood

File Search Facilities

Lists allocated and unallocated files.
Sorts files by type.
Searches for keywords.
Works with compressed zip files.

Historical Reconstruction

Can it build timelines and search by creation date?

Creates a "case file".

Searching Abilities

Searches for keywords.
Builds an index.

Hash Databases

Hashes and compares with Hashkeeper using MD5.

Evidence Collection Features

History

Originally started by the Australian Department of Defence, PyFlag is now hosted on SourceForge.

License Notes

GNU GPL.

External Links

Official website

External Reviews

Retrieved from "http://www.forensicswiki.org/w/index.php?title=PyFlag&oldid=2707"