fact

module
v0.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 17, 2024 License: MIT

README

FACT

Forensic Artifacts Collecting Toolkit.

$ fmount -T dd image.dd | ffind -H sha256 -Z artifacts.zip

Tools

License

Released under the MIT License.

Directories

Path Synopsis
cmd
ffind
Find forensic artifacts in a mount point or on the live system.
Find forensic artifacts in a mount point or on the live system.
fmount
Mount forensic disk images for read-only processing.
Mount forensic disk images for read-only processing.
internal
sys
System functions.
System functions.
test
Test functions.
Test functions.
zip
Zip archive functions.
Zip archive functions.
pkg
ffind
FFind implementation details.
FFind implementation details.
fmount
FMount implementation details.
FMount implementation details.
fmount/dd
DD implementation details.
DD implementation details.
windows
Windows system artifact enumeration functions.
Windows system artifact enumeration functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL