[sleuthkit-developers] Quick Update
From: Brian C. <ca...@sl...> - 2012-03-21 03:27:47
I had meant to send this e-mail out in January when I did a talk at the DC3 Cybercrime on Sleuth Kit and Autopsy, but ... it has been sitting in my Drafts mailbox since then. If I were more hip, I'd do this in a blog. While I do not have one of those right now, I do now have a twitter account to provide updates on all things TSK:

http://twitter.com/#!/sleuthkit

Topics that have relevant updates:

* The Third Sleuth Kit and Open Source Digital Forensics Conference will be held in October (instead of June). The CFP is out and submissions are due by Apr 16. We're looking for both developers and users to present. Please submit topics for presentations and plan on attending. Everyone seems to learn a bunch each year.

http://www.osdfcon.org/2012/

* The application-level framework that was presented this past summer at the Sleuth Kit and Open Source Digital Forensics Conference is now in the public github repository. Basic development docs can be found below, but they are still being tweaked. The APIs may change a little before the official release and I'll provide more details later, but it is available for anyone to start playing with. We'll be adding more sample modules later. tsk_analyzeimg is a new command line tool that allows you to run the analysis pipelines on a disk image. For those who do not know anything about this framework, it will make it easier to build end-to-end forensics solutions. For the readers who are not developers, the framework won't do much for you yet. Sorry.

http://www.sleuthkit.org/sleuthkit/docs/framework-docs/

* The github repository for Autopsy 3 has a keyword search capability with SOLR. It isn't complete yet, but that is what we are working on there. There is also code in there that is pulling out web artifacts and recent activity. It has a new "triage" / multi-threaded data ingest design now.

https://github.com/sleuthkit/autopsy

* I added a bunch of links on the site to the Sleuth Kit Hadoop Framework that we mentioned at last year's conference, but never added any links to it. It was a joint project funded by the US Army Intelligence Center of Excellence (USAICoE) and performed by Basis Technology, Lightbox Technologies, and 42Six Solutions. It is a prototype system that allows you to analyze a disk image in a Hadoop cluster (i.e. the "cloud").

http://www.sleuthkit.org/tsk_hadoop/index.php

brian