https://github.com/franckferman/datadetective

Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.
https://github.com/franckferman/datadetective

automation automation-forensics forensic forensic-analysis forensic-examinations forensic-tools forensics forensics-data forensics-investigations forensics-tools python python-3 python3 sleuthkit tsk

Last synced: 7 months ago
JSON representation

Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.

• Host: GitHub
• URL: https://github.com/franckferman/datadetective
• Owner: franckferman
• License: agpl-3.0
• Created: 2024-03-11T15:10:05.000Z (over 1 year ago)
• Default Branch: stable
• Last Pushed: 2024-08-26T13:15:53.000Z (about 1 year ago)
• Last Synced: 2025-01-27T10:26:48.476Z (8 months ago)
• Topics: automation, automation-forensics, forensic, forensic-analysis, forensic-examinations, forensic-tools, forensics, forensics-data, forensics-investigations, forensics-tools, python, python-3, python3, sleuthkit, tsk
• Language: Python
• Homepage: https://github.com/franckferman/DataDetective
• Size: 675 KB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          


[![Contributors][contributors-shield]](https://github.com/franckferman/DataDetective/graphs/contributors)

[![Forks][forks-shield]](https://github.com/franckferman/DataDetective/network/members)

[![Stargazers][stars-shield]](https://github.com/franckferman/DataDetective/stargazers)

[![Issues][issues-shield]](https://github.com/franckferman/DataDetective/issues)

[![License][license-shield]](https://github.com/franckferman/DataDetective/blob/stable/LICENSE)



  



🕵️‍♂️ DataDetective



    Unlock the story hidden in data.

    


    Your digital investigation partner.





    📘 Explore the full documentation

    ·

    🐞 Report Bug

    ·

    🛠️ Request Feature





[contributors-shield]: https://img.shields.io/github/contributors/franckferman/DataDetective.svg?style=for-the-badge

[contributors-url]: https://github.com/franckferman/DataDetective/graphs/contributors

[forks-shield]: https://img.shields.io/github/forks/franckferman/DataDetective.svg?style=for-the-badge

[forks-url]: https://github.com/franckferman/DataDetective/network/members

[stars-shield]: https://img.shields.io/github/stars/franckferman/DataDetective.svg?style=for-the-badge

[stars-url]: https://github.com/franckferman/DataDetective/stargazers

[issues-shield]: https://img.shields.io/github/issues/franckferman/DataDetective.svg?style=for-the-badge

[issues-url]: https://github.com/franckferman/DataDetective/issues

[license-shield]: https://img.shields.io/github/license/franckferman/DataDetective.svg?style=for-the-badge

[license-url]: https://github.com/franckferman/DataDetective/blob/stable/LICENSE

## 📖 About

**DataDetective:** _Advanced forensic analysis._

*DataDetective*, a Python tool designed to extract pertinent files for forensic analysis from EWF disk images, represents a pivotal advancement in digital investigation.

In a landscape where the extraction of valuable data from complex disk images is paramount, **DataDetective** emerges as a beacon of efficiency and precision. As traditional methods falter in the face of evolving forensic challenges, **DataDetective** stands ready to navigate the intricate labyrinth of digital evidence, offering investigators a reliable means to uncover crucial insights and facilitate comprehensive analysis.

## 🚀 Installation

Before diving into the installation process, ensure you meet the following prerequisites.

### Prerequisites

1. **Python 3**: Ensure Python 3 is installed on your system before initiating the installation process.

2. **SluthKit** :  **DataDetective** incorporates essential tools like SluthKit.

3. **Regripper** : **DataDetective** relies on crucial tools such as Regripper.

### Installation

```bash

git clone https://github.com/franckferman/DataDetective.git

```

### **List of command**

#### ❔ Get Help:

```bash

python3 DataDetective.py -h

```

#### ⚖️ Check Image Integrity:

```bash

python3 DataDetective.py -i image.ewf --check-image

```

#### 📋 List Image Partitions:

```bash

python3 DataDetective.py -i image.ewf --show-partitions

```

#### 📁 List Partitions Files:

```bash

python3 DataDetective.py -i image.ewf --show-files

python3 DataDetective.py -i image.ewf --show-files -r # For recursivity

```

#### 🗂️ Show a specific directory:

```bash

python3 DataDetective.py -i image.ewf --show-dir DIR_NAME

```

#### 🔎 Extract data:

```bash

python3 DataDetective.py -i image.ewf -e ALL -o /path/for/output

```