Dissect – Digital Forensics, Incident Response Framework And Toolset That Allows You To Quickly …>
– Unknown (noreply@blogger.com)
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).This project is a meta package, it will install all other Dissect modules with the right combination of versions.Tying this all together, Dissect allows you to work with tools named target-query and target-shell to quickly gain access to forensic artefacts, such as Runkeys, Prefetch files, and Windows Event Logs, just to name a few!Singular approach
And the best thing: all in a singular way, regardless of underlying container (E01, VMDK, QCoW), filesystem (NTFS, ExtFS, FFS), or Operating System (Windows, Linux, ESXi) structure / combination.You no longer have to bother extracting files from your forensic container, mount them (in case of VMDKs and such), retrieve the MFT, and parse it using a separate tool, to finally create a timeline to analyse.These lightweight containers can then be analysed using the tools like target-query and target-shell , but feel free to use other tools as well.dissect.cim dissect.clfs dissect.cstruct dissect.esedb dissect.etl dissect.eventlog dissect.evidence dissect.executable dissect.extfs dissect.fat dissect.ffs dissect.hypervisor dissect.ntfs dissect.ole dissect.regf dissect.sql dissect.squashfs dissect.target dissect.thumbcache dissect.util dissect.vmfs dissect.volume dissect.xfs Related These projects are closely related to Dissect, but not installed by this meta package.To run both linting and unit tests using the default installed Python version, run:
tox
For a more elaborate explanation on how to build and test the project, please see the documentation .
Link: http://www.kitploit.com/2023/10/dissect-digital-forensics-incident.html