Selective File Dumper

Conference paper

Abstract

During a computer forensics investigation, we faced the problem of how to quickly get all the interesting files we needed. We work mainly with open source software and Linux, and we consider the Sleuthkit and Foremost two very useful tools, but for reaching our goal they were too complicated and time-consuming to use. For this reason we developed the Selective File Dumper, a Linux Bash script that makes it possible to extract all the referenced, deleted and unallocated files and, finally, to perform a keyword search, in a simple way.

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. Bari, Italy
  2. Banchette, Italy