ATTENTION: The new home of the Digital Forensics Wiki is at https://forensicswiki.xyz/. Yeah, it's a silly name, but it was cheap.
This wiki will be going offline permanently in the near future. An exact date will be announced soon. Thank you for being a part of this community.
If you wish to work on the new forensicswiki, please join the Google Group forensicswiki-reborn

PyFlag

From ForensicsWiki
Revision as of 20:48, 21 March 2006 by Uwe Hermann (Talk | contribs) (Rewritten description (the previous was cut'n'pasted from the website). Added history.)

Jump to: navigation, search

PyFlag is a web-based, database-backed forensic and log analysis GUI written in Python.

Features

File Systems Understood

File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords.
  • Works with compressed zip files.

Historical Reconstruction

Can it build timelines and search by creation date?

  • Creates a "case file".

Searching Abilities

  • Searches for keywords.
  • Builds an index.

Hash Databases

Evidence Collection Features

History

License Notes

  • GNU GPL.

External Links

External Reviews