Difference between revisions of "Snorkel"
(Created page with '{{Infobox_Software | name = Snorkel | maintainer = NFI | os = Java | genre = {{Analysis}} | license = proprietary | website = [http://www.holmes.nl/NFIlabs/Snorkel h…') |
Joachim Metz (Talk | contribs) (→Image File Formats Understood) |
||
| (2 intermediate revisions by one user not shown) | |||
| Line 20: | Line 20: | ||
{| | {| | ||
|Image file formats | |Image file formats | ||
| − | |[[ | + | |[[Encase image file format|EnCase]] |
|- | |- | ||
| | | | ||
| − | | | + | |[[Raw Image Format|RAW (dd)]] |
|- | |- | ||
| | | | ||
| − | | | + | |[[VMWare Virtual Disk Format (VMDK)|VMWare (VMDK)]] |
|} | |} | ||
| Line 33: | Line 33: | ||
{| | {| | ||
|Volume managers | |Volume managers | ||
| − | |Windows (LDM) | + | |[[Logical Disk Manager (LDM)|Windows (LDM)]] |
|- | |- | ||
|Partitioning schemes | |Partitioning schemes | ||
Latest revision as of 14:30, 20 September 2012
| Snorkel | |
|---|---|
| Maintainer: | NFI |
| OS: | Java |
| Genre: | Analysis |
| License: | proprietary |
| Website: | http://www.holmes.nl/NFIlabs/Snorkel |
Snorkel is a Java software library that is used by developers of forensic software. Snorkel is not a standalone forensic application, but it is an important piece of infrastructure that can be used by many forensic applications: Snorkel gives access to digital evidence files, file systems, files, slack space, unallocated clusters, etc. This type of access is a key enabler in the development of forensic software systems, ranging from single-purpose stand-alone tools to integrated forensic processing systems.
Snorkel is developed by the Netherlands Forensic Institute
Contents |
[edit] Features
Snorkel recognizes and gives access to numerous storage formats for digital evidence, disk partitioning schemes, volume managers, file systems, and structured files. The formats supported are summarized below.
[edit] Image File Formats Understood
| Image file formats | EnCase |
| RAW (dd) | |
| VMWare (VMDK) |
[edit] File Systems Understood
| Volume managers | Windows (LDM) |
| Partitioning schemes | PC/MBR |
| Apple | |
| GPT | |
| BSD | |
| File systems | Windows (FAT, NTFS) |
| Apple (MFS, HFS, HFS+) | |
| Linux (EXT, Reiser) | |
| Solaris, BSD (UFS) | |
| CD (ISO9660, Joliet) | |
| File Formats | Windows registry (Win 9x, NT) |
| Microsoft Office (OLE2) |
[edit] License Notes
Snorkel is has a proprietary license. An evaluation version is available from the website.
[edit] External Links
