
BitCurator / bitcurator-access-webtools

Licence: GPL-3.0 license
Tools to browse disk images and file system metadata in a web service

Programming Languages

python
shell
HTML
CSS

Projects that are alternatives of or similar to bitcurator-access-webtools

Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+247.37%)
Mutual labels:  forensics
BlockHashLoc
Recover files using lists of blocks hashes, bypassing the File System entirely
Stars: ✭ 45 (+136.84%)
Mutual labels:  forensics
MEAT
This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+431.58%)
Mutual labels:  forensics
LogESP
Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+752.63%)
Mutual labels:  forensics
qed
The scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+357.89%)
Mutual labels:  forensics
RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+826.32%)
Mutual labels:  forensics
Packrat
Live system forensic collector
Stars: ✭ 16 (-15.79%)
Mutual labels:  forensics
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+4678.95%)
Mutual labels:  forensics
Palmprint-Recognition-in-the-Wild
No description or website provided.
Stars: ✭ 22 (+15.79%)
Mutual labels:  forensics
AppmemDumper
Forensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (+15.79%)
Mutual labels:  forensics
marcellelee.github.io
No description or website provided.
Stars: ✭ 27 (+42.11%)
Mutual labels:  forensics
flare-wmi
No description or website provided.
Stars: ✭ 399 (+2000%)
Mutual labels:  forensics
urlRecon
📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (+63.16%)
Mutual labels:  forensics
CRC-manipulator
Change CRC checksums of your files.
Stars: ✭ 73 (+284.21%)
Mutual labels:  forensics
harvest
Tool to sort large collections of files according to common typologies
Stars: ✭ 32 (+68.42%)
Mutual labels:  forensics
DFIR Resources REvil Kaseya
Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
Stars: ✭ 172 (+805.26%)
Mutual labels:  forensics
paragon apfs sdk ce
Paragon APFS SDK Free
Stars: ✭ 97 (+410.53%)
Mutual labels:  forensics
sandfly-setup
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (+136.84%)
Mutual labels:  forensics
RemoteNET
Examine, create and interact with remote objects in other .NET processes.
Stars: ✭ 29 (+52.63%)
Mutual labels:  forensics
GetConsoleHistoryAndOutput
An Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+115.79%)
Mutual labels:  forensics


BitCurator Access Webtools: Browse disk images and file system metadata in a web service


The BitCurator Access Webtools project allows users to browse file systems contained within disk images using a web browser. It is intended to support access requirements in libraries, archives, and museums preserving born-digital materials extracted from source media as raw or forensically-packaged disk images.

The service uses open source libraries and toolkits including The Sleuth Kit, PyTSK, and the Flask web microservices framework. It uses PyLucene along with format-specific text-extraction tools to index the contents of files contained in disk images, allowing users to search for relevant content without individually inspecting files.

This repository includes a simple build script that deploys the web service in a VirtualBox VM using Vagrant. It includes several sample images (in the "disk-images" directory) to get you started.

Find out more at https://github.com/BitCurator/bitcurator-access/wiki

Getting started

This software uses Vagrant to provision a virtual machine in which bitcurator-access-webtools runs. To start, make sure you have VirtualBox and Vagrant installed on your Windows, Mac, or Linux host.

Download the latest release (.zip or .tar.gz file) from https://github.com/BitCurator/bitcurator-access-webtools/releases and extract the contents. In a terminal, change into the extracted bitcurator-access-webtools-x-x-xx directory (using the release numbers for your release in place of the x's), and make sure the associated Vagrant box (bento/ubuntu-18.04) is added:

cd bitcurator-access-webtools-x-x-xx
vagrant box add bento/ubuntu-18.04

You will be prompted for a provider. Select 3) virtualbox by typing '3' and hitting enter.

The first time you run vagrant box add bento/ubuntu-18.04, it may take some time. (Note: You only need to run vagrant box add for a particular box one time after installing Vagrant. You may be prompted to run the command vagrant box update in future sessions in order to keep the box up to date.)

The bitcurator-access-webtools application can be used to view raw (.dd) and EWF (.E01) images containing FAT16, FAT32, NTFS, ext2/3/4, and HFS+ file systems. The application includes several sample images (in the bitcurator-access-webtools/disk-images directory) for testing. You can place additional images in this directory (and remove these test images) as needed.

Once the base box is downloaded, you can start the service by running the command:

vagrant up

from within the bitcurator-access-webtools directory. This step can take a long time the first time you run the software (15-30 minutes depending on your computer). The installation script will provide feedback in the console as it installs each package. Once the virtual machine has been provisioned, open a web browser on your host and navigate to:

127.0.0.1:8080

to see the bitcurator-access-webtools service running.

Terminating the bitcurator-access-webtools service and virtual machine

If you need to stop the service, you can type:

vagrant halt

in the bitcurator-access-webtools directory in the console or terminal on your host machine. The next time you issue the "vagrant up" command, the VM will restart in its previous state.

If you need to delete the VM entirely, you can use the following command after halting the VM:

vagrant destroy

If you wish to build a new VM with updated sources, simply delete the bitcurator-access-webtools directory after halting and destroying the previous VM, and clone or download the current sources from GitHub.

Dependencies

This is a Flask application that is deployed automatically into an appropriately configured Ubuntu 18.04 virtual machine. It has been tested with Python 2.7.3, Flask 0.11, Jinja2, and Postgres 9.3 (but will likely work with other versions). Python 3 should also work. Several other libraries and tools are required, including AFFLIB (v3.7.4 or later), libewf (20140427 or later), The Sleuth Kit (4.1.3 or later), and PyTSK.

Some of these dependencies have existing apt or pip packages in Ubuntu. Others do not. To simplify the process, we've written a bootstrap script that updates and upgrades all the necessary packages, compiles and installs the necessary source packages, and sets up the database. This script is located in the provision directory, and is only run the first time you execute the vagrant up command.

Documentation

The latest documentation can be found on the BitCurator Access wiki page at https://github.com/BitCurator/bitcurator-access/wiki.

Or, follow this link to a direct download of the quick start guide:

http://distro.ibiblio.org/bitcurator/docs/BCA-Quickstart.pdf

License(s)

The BitCurator logo, BitCurator project documentation, and other non-software products of the BitCurator team are subject to the Creative Commons Attribution 4.0 Generic license (CC BY 4.0).

Unless otherwise indicated, software items in this repository are distributed under the terms of the GNU General Public License, Version 3. See the text file "COPYING" for further details about the terms of this license.

In addition to software produced by the BitCurator team, BitCurator packages and modifies open source software produced by other developers. Licenses and attributions are retained here where applicable.

Building a development snapshot

Clone this repository with the following command in a terminal or command shell (Need help installing git? See the How to install a git client section at the bottom of this page):

git clone https://github.com/bitcurator/bitcurator-access-webtools

Once you've checked out the source, change directory into bitcurator-access-webtools, and follow the remaining instructions in the Getting Started section above.

How to install a git client

On Windows, download and install git from:

On MacOS, run the following command in a terminal and click through the prompts:

xcode-select --install

On Debian-based variants of Linux (including Ubuntu), run the following from a terminal:

sudo apt-get install git

IMPORTANT: On Windows, you must make Git check out files with Unix-style line endings in order for the VM to run properly. After installing git, run the following in a console (cmd prompt):

git config --global core.autocrlf false