MASIGNCLEAN104

Digital Forensics Framework V0.9.0 Latest Version Download !


Tuesday, July 3, 2018
iklan banner
“DFF (Digital Forensics Framework) is a uncomplicated only powerful tool amongst a flexible module organization which volition aid you lot inwards your digital forensics works, including file recovery due to mistake or crash, evidence enquiry too analysis, etc. DFF provides a robust architecture too roughly handy modules.“


This is the alter log:

  • Lib EWF support: The LibEWF [1], developed past times Joachim Metz, has been included every bit a connector. It provides back upwards for Encase(R) file format (E01/S01 format).
  • Bookmarks: It is directly possible to bookmark interesting nodes too kind them past times categories. The aim is to get together relevant files when performing analysis. Bookmarked nodes tin give notice too thus endure used past times other modules too also extracted.
  • Advanced Hexadecimal viewer: Features used to resolve the DFRWS 2010 challenge [2] accept been included. These features are real useful when studying unknown information structures or performing advanced files analysis. This upgraded version of the hexadecimal viewer provides 3 novel visualization modes:
    • pixel view that renders dumps inwards a graphical manner. It permits to recognize structures inwards a visual way. Several options are provided for rendering the stance (8bits, RGB, resolution, …)
    • block mode view providing a uncomplicated agency to see a dump inwards block mode. Size of blocks tin give notice endure chosen inwards the corresponding alternative panel.
    • streamed string view which renders printable characters.
  • NTFS ADS: The NTFS module directly supports ADS streams. With ADS, several information streams belong to 1 file entry, each information current is provided every bit a node which simplifies analysis.
  • Windows Devices: Devices on Windows tin give notice directly endure straight opened too used inwards DFF. It enables Live Forensics analysis inwards an tardily way. It also provides a agency to dump devices past times extracting the corresponding nodes.
  • Virtual change of nodes (aka files): Two novel modules accept been added to modify nodes virtually (i.e. inwards memory, without writing on disk). These 2 modules are real useful when working amongst large files:
    • Cut module practice a novel node from a role of a file past times providing a commencement offset too a size.
    • Merge module allows to merge 2 files inwards a novel one.
  • Loader too API Versioning: Each constituent of the API directly has its ain version number. Modules too scripts tin give notice directly supply specific API constituent dependency too volition endure checked when loaded. Loader retro-compatibility is maintained every bit it genuinely loads modules too scripts using one-time manner.
  • Inline documentation: An inline documentation has been straight incorporated inwards the Framework. It is directly possible to browse the documentation straight inwards the software too inwards a disconnected environment.
  • Execution times: Each procedure inwards the chore manager directly displays fourth dimension of execution.
  • Enhanced GUI ergonomy: Several parts of the GUI accept been enhanced to supply a meliorate expect too experience to the user:
    • Dialog window used to supply arguments to modules has been redesigned.
    • Easier alternative of input files too / or directories
    • Enhanced dialog to pick out devices
    • Right click has been re-factored. Some categories accept been renamed.
  • Languages pack: Using –lang switch when starting DFF inwards ascendance describe of piece of job provides a agency to pick out the linguistic communication to usage inwards the Graphical User Interface. Translations are provided for 3 dissimilar languages: English, Castilian too French. Contribution to back upwards other languages are welcomed.
  • Debug switch: H5N1 new switch (-d) enables to output all prints to the console without modifying lines of code.
Bug fixes:
  • GUI proxy model issues: H5N1 major põrnikas inwards the node browser conducting to crashes on roughly architecture has been fixed. It was related to the refresh events on Nodes too the agency signals where sent betwixt views too model.
  • Exceptions: Exceptions were non correctly handled inwards 0.8 version. There is directly a generic exceptions handler used for each wrapped methods. This significantly reduces crashes too provides to a greater extent than user friendly messages when errors accept been encountered inwards modules.
  • NTFS: Attributes parsing on huge file-system has been improved. DFF attributes conversion from int to string has been removed. It was used to exhibit both decimal too hexadecimal views. It has to endure managed past times graphical stance itself. MFT too Indexes decoding mode accept been fixed (entries starting amongst FILE or INDX). It is useful for deep analysis.
  • EXTFS: The mistake administration is made properly. Default values too behaviors for roughly options accept been modified inwards guild to commencement the module without modifying the default configuration.
  • Argument: Fixed issues amongst integer type too optional arguments generated past times the GUI inwards 0.8.
  • Picture viewer: Exif information are no longer editable
We are most excited almost the advanced Hexadecimal viewer that has been bundled amongst this version!
Download DFF v0.9.0 here.


News Source : Goolge
Share This :
Concept Phone

comment 0 Comments

more_vert

Subscribe to: Post Comments (Atom)