Selective file dumper
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Selective_file_dumper".

Selective File Dumper
Design by: Nanni Bassetti and Denis Frati
Latest release: 1.5 / March 21, 2008
Written in: Bash (shell script)
OS: Linux
Type: Computer forensics
License: GNU General Public License, GNU Lesser General Public License
Website: http://sfdumper.sourceforge.net/

Selective File Dumper (SFDumper) is a free open source computer forensics tool, written by Nanni Bassetti and Denis Frati, for Linux systems.

It is a Bash script that retrieves all files of a chosen type (e.g. .doc or .jpg), regardless of whether they are active, deleted or unallocated. It automatically runs Foremost for carving and Sleuthkit for retrieval of deleted files. It then eliminates duplicate files by comparing the SHA256 hashes of the carved files with those of the active and deleted files. Thanks to carving, which works on file content rather than file names, files that were simply renamed to a different extension are still identified. The Foremost configuration file inside the script can be expanded to add new extensions. Finally, a keyword search can be run on the extracted files. The script can work on an image file or directly on a device.
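The hash-based de-duplication step described above can be sketched as follows. This is an added example, not SFDumper's own code: the function names and the directory layout (a carved directory plus one or more directories of active and deleted recoveries) are assumptions, and it goes slightly beyond the description by also dropping repeats within the carved set.

```shell
#!/bin/sh
# Added illustration, not SFDumper's code. Directory names are assumptions.
# Operates on extracted copies only, never on the evidence image or device.

# Print the SHA-256 digest of one file (reading stdin avoids name escaping).
sha256_of() {
    sha256sum < "$1" | cut -d' ' -f1
}

# dedup_carved CARVED_DIR KNOWN_DIR...
# Deletes every file under CARVED_DIR whose content already exists under a
# KNOWN_DIR (active/deleted recoveries) or earlier in CARVED_DIR itself.
# Logs each removal to stderr and prints the number of files removed.
# Assumes file names contain no newline characters.
dedup_carved() {
    [ "$#" -ge 2 ] || return 2
    carved=$1; shift
    seen=$(mktemp) || return 1
    list=$(mktemp) || return 1
    removed=0

    # Pass 1: record digests of files recovered by name (active + deleted).
    find "$@" -type f > "$list"
    while IFS= read -r f; do
        sha256_of "$f" >> "$seen"
    done < "$list"

    # Pass 2: walk carved files in a stable order and drop known content.
    find "$carved" -type f | sort > "$list"
    while IFS= read -r f; do
        h=$(sha256_of "$f")
        if grep -qxF "$h" "$seen"; then
            echo "duplicate $h $f" >&2   # audit trail for the case notes
            rm -- "$f"
            removed=$((removed + 1))
        else
            echo "$h" >> "$seen"
        fi
    done < "$list"

    rm -f "$seen" "$list"
    echo "$removed"
}
```

Redirecting stderr to a file keeps a record of which carved item was dropped and the digest it matched.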

It is free software licensed under the terms of the GNU General Public License (GPL) and GNU Lesser General Public License (LGPL).

SFDumper has been included in CAINE, a new Linux live distribution for digital forensics developed by the Modena University (Italy).

Requirements

Requirements for the GUI version

External links
