-
Notifications
You must be signed in to change notification settings - Fork 5.6k
/
Copy pathforensic_tools.py
98 lines (77 loc) · 3.22 KB
/
forensic_tools.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# coding=utf-8
import os
import sys
# Fetching parent directory for importing core.py
current_dir = os.path.dirname(__file__)
parent_dir = os.path.dirname(current_dir)
sys.path.append(parent_dir)
from core import HackingTool
from core import HackingToolsCollection
class Autopsy(HackingTool):
TITLE = "Autopsy"
DESCRIPTION = "Autopsy is a platform that is used by Cyber Investigators.\n" \
"[!] Works in any OS\n" \
"[!] Recover Deleted Files from any OS & Media \n" \
"[!] Extract Image Metadata"
RUN_COMMANDS = ["sudo autopsy"]
def __init__(self):
super(Autopsy, self).__init__(installable = False)
class Wireshark(HackingTool):
TITLE = "Wireshark"
DESCRIPTION = "Wireshark is a network capture and analyzer \n" \
"tool to see what’s happening in your network.\n " \
"And also investigate Network related incident"
RUN_COMMANDS = ["sudo wireshark"]
def __init__(self):
super(Wireshark, self).__init__(installable = False)
class BulkExtractor(HackingTool):
TITLE = "Bulk extractor"
DESCRIPTION = "Extract useful information without parsing the file system"
PROJECT_URL = "https://github.com/simsong/bulk_extractor"
def __init__(self):
super(BulkExtractor, self).__init__([
('GUI Mode (Download required)', self.gui_mode),
('CLI Mode', self.cli_mode)
], installable = False, runnable = False)
def gui_mode(self):
os.system(
"sudo git clone https://github.com/simsong/bulk_extractor.git")
os.system("ls src/ && cd .. && cd java_gui && ./BEViewer")
print(
"If you getting error after clone go to /java_gui/src/ And Compile .Jar file && run ./BEViewer")
print(
"Please Visit For More Details About Installation >> https://github.com/simsong/bulk_extractor")
def cli_mode(self):
os.system("sudo apt install bulk-extractor")
print("bulk_extractor and options")
os.system("bulk_extractor -h")
os.system(
'echo "bulk_extractor [options] imagefile" | boxes -d headline | lolcat')
class Guymager(HackingTool):
TITLE = "Disk Clone and ISO Image Acquire"
DESCRIPTION = "Guymager is a free forensic imager for media acquisition."
INSTALL_COMMANDS = ["sudo apt install guymager"]
RUN_COMMANDS = ["sudo guymager"]
PROJECT_URL = "https://guymager.sourceforge.io/"
class Toolsley(HackingTool):
TITLE = "Toolsley"
DESCRIPTION = "Toolsley got more than ten useful tools for investigation.\n" \
"[+]File signature verifier\n" \
"[+]File identifier \n" \
"[+]Hash & Validate \n" \
"[+]Binary inspector \n " \
"[+]Encode text \n" \
"[+]Data URI generator \n" \
"[+]Password generator"
PROJECT_URL = "https://www.toolsley.com/"
def __init__(self):
super(Toolsley, self).__init__(installable = False, runnable = False)
class ForensicTools(HackingToolsCollection):
TITLE = "Forensic tools"
TOOLS = [
Autopsy(),
Wireshark(),
BulkExtractor(),
Guymager(),
Toolsley()
]