Selective File Dumper

Conference paper

DOI: 10.1007/978-1-4419-5803-7_8

Cite this paper as:
Bassetti N., Frati D. (2010) Selective File Dumper. In: Huebner E., Zanero S. (eds) Open Source Software for Digital Forensics. Springer, Boston, MA

Abstract

During a computer forensics investigation we faced the problem of how to get all the interesting files we need fast. We work mainly with Open Source software products and the Linux OS, and we consider the Sleuthkit and Foremost two very useful tools, but for reaching our target they were too complicated and time-consuming to use. For this reason we developed the Selective File Dumper, a Linux Bash script which makes it possible to extract all the referenced, deleted and unallocated files and finally to perform a keyword search, in a simple way.

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. Bari, Italy
  2. Banchette, Italy
