Selective File Dumper

  • Nanni BassettiEmail author
  • Denis Frati
Conference paper


During a computer forensics investigation we faced a problem how to get all the interesting files we need fast. We work, mainly, using the Open Source software products and Linux OS, and we consider the Sleuthkit and the Foremost two very useful tools, but for reaching our target they were too complicated and time consuming to use. For this reason we developed the Selective File Dumper, a Linux Bash script which makes it possible to extract all the referenced, deleted and unallocated files and finally to perform a keyword search, in a simple way.


File System Keyword Search Image File Command Line Configuration File 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Carrier B (2005) File System Forensics Analysis. Addison Wesley ProfessionalGoogle Scholar
  2. 2.
    Ghirardini A, Faggioli G (2007) Computer Forensics. ApogeoGoogle Scholar
  3. 3.
    Newman RC (2007) Computer Forensics. Auerbach PubblicationsGoogle Scholar
  4. 4.
    Mandia K, Prosise C (2002) Hacker Pronto Intervento. ApogeoGoogle Scholar
  5. 5.
    Nolan R, O’Sullivan C, Branson J, Waits C (2005) First Responders Guide to Computer Forensics. CERT Training and EducationGoogle Scholar
  6. 6.
    Solomon MG, Barrett D, Broom N (2005) Computer Forensics JumpStart. SybexGoogle Scholar
  7. 7.
    Autopsy and Sleuthkit. The Digital Forensics Toolkit. The Tracker Dog’s Guide
  8. 8.
  9. 9.
  10. 10.
  11. 11.
  12. 12.
  13. 13.
  14. 14.
    Sourceforge -
  15. 15.
  16. 16.
    Bash Cookbook - Carl Albing, JP Vossen, Cameron Newham - O’Reilly - 2007Google Scholar
  17. 17.
    Producing Open Source Software: How to Run a Successful Free Software Project -Karl Fogel - O’Reilly - Paperback 2005Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.BariItaly
  2. 2.BanchetteItaly

Personalised recommendations