Re: [sleuthkit-users] Python Module Ideas Needed!
From: Alex N. <ajn...@cs...> - 2014-02-27 23:21:06
Hi Derrick,

A note on one of your suggestions: The read-only-but-writeable device bit might already be handled with xmount:

https://www.pinguin.lu/index.php
(you should probably just ignore the website's self-signed cert)
(also packaged in several Linux distros, and worked for me)

I don't think there's need to duplicate that effort.

--Alex

On Feb 27, 2014, at 15:16, Derrick Karpo <dk...@gm...> wrote:

> Awwww....I was hoping for Lisp integration but will take what I can get. ;) Yay Python!
>
> Here are some thoughts that may or may not be useful:
>
> o mmap larger files so that plugins can query directly against the mmap file for searches?
> o Automatically create a de-duped set of files from an exhibit (maybe using set() or frozenset()?)
> o Cross-image file testing for membership or non-membership (maybe using set() or frozenset()?)
> o Expose an image back to the OS as a read-only physical device (with a temporary scratchfile). It would be cool if it could expose an image that tools (i.e. virtualization) could then hook into.
> o Create a Python input stream (named pipe?) so that any application can feed data directly into your Autopsy case for ingest. i.e. Take your bulk_extractor output and feed it directly into Autopsy so that Autopsy can ingest it. Rather than grep'ing across all my data sources I could do it all in Autopsy where it is indexed.
>
> Derrick
>
>
> On Thu, Feb 27, 2014 at 3:35 PM, Brian Carrier <ca...@sl...> wrote:
> We're having our company's internal annual hack-a-thon and a team of us decided to add python bindings to Autopsy. We did it!
>
> Now, we need to win the competition with a cool demo. Anybody have any ideas of cool things that can be done in Python that would demo well?
>
> _______________________________________________
> sleuthkit-users mailing list
> https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
> http://www.sleuthkit.org