[sleuthkit-users] Autopsy Python module - Retrieving data from a blackboard
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-users] Autopsy Python module - Retrieving data from a blackboard
|
From: Sylvain P. <syl...@gm...> - 2015-06-03 12:15:54
|
Hello, I am trying to develop a Python module for autopsy but several questions remain unanswered for now despite my research. I need your expertise to carry out my project. I would like your help with three points that I haven't found an answer : 1) Find the blackboard of data (generated by other modules) in python 2) Sample module developed for autopsy in python. 3) Find a specific file by his path in python. 1) I'm interested in the recovery of information from a previous module. I saw the documentation about blackboard, like this page : The Sleuth Kit Framework - The Blackboard <http://www.sleuthkit.org/sleuthkit/docs/framework-docs/mod_bbpage.html> and we can see that access to the blackboard is possible in C++ and Java. Is it possible to do the same thing with python and how ? 2) I did some research to find python modules developed for autopsy, and I have not found complete projects outside the examples found at: https://github.com/sleuthkit/autopsy/tree/develop/pythonExamples Do you have some links to existing projects developed in python (not Java or netbeans projects) ? 3) I would use in my module files with a defined path to display them in the blackboard "INTERESTING_FILE_HIT". The examples clearly show how to recover files with the method find and after that display these files into the blackboard, no problem about that. But how to specify a path to a specific file, without using a keyword search (still in python) ? Thank you to those who respond to this message. Cordially Sylvain |
