[sleuthkit-users] Autopsy Python Tutorial #2: Data Source Ingest Modules
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-users] Autopsy Python Tutorial #2: Data Source Ingest Modules
|
From: Brian C. <ca...@sl...> - 2015-08-17 22:01:15
|
To help you put $1000 in your pocket as part of the OSDFCon Autopsy Module challenge (http://www.osdfcon.org/2015-event/2015-module-development-contest/), Basis Technology released another Python tutorial. http://www.basistech.com/python-autopsy-module-tutorial-2-the-data-source-ingest-module/ This one is on writing Python-based data source ingest modules and it covers two topics: 1) Finding a SQLite database, parsing it, and making blackboard artifacts 2) Writing a wrapper around a command line tool that takes a disk image as input Final source code is included (which can be used as part of a challenge submission with a little copy and pasting….). We also uploaded final source code for the first tutorial (on finding big and round files) for those who followed that one: https://github.com/sleuthkit/autopsy/tree/develop/pythonExamples/July2015FileTutorial_BigRound Enjoy! brian |
