RE: [sleuthkit-developers] New Features / Changes
Brought to you by:
carrier
Menu
▾
▴
RE: [sleuthkit-developers] New Features / Changes
|
From: Paul B. <ba...@fo...> - 2003-08-15 15:27:58
|
> > > - Redesign Autopsy so that it is easier for people to add=20 > > > functions. > > This would help a lot.... It is probably closely tied to the Hooks=20 > > feature I'm proposing below. You should be able to hook a function=20 > > into a page. Shall I assist you with this feature? >=20 > The hooks feature, which I agree would be nice, doesn't need to be > tied to the re-architecture. The hooks would probably be an=20 > installation wide configuration. A config file can have the regular > expression to match against 'file' and the path of the program to > execute.=20 Yes I agree.. For the hooks to applications... But I was also referring to function hooks.. Thus in the search tab I just have to add somthing like: add_hook(INDEXED_SEARCH_BOX); Which is a function defined in another file thus not needing to add = something in the code of the current search screen. > What is the output of the libPST? Are there tools pre-defined or is > it just a library that you must write the code for? As far as I know: both... So that can always be made to work. > The registry tools that I know of, are being developed in the same > model as The Sleuth Kit. So, there is a regls and a regcat. =20 > They work > with 2K and XP (I think). These tools would also fall under the > 'Application Analysis' mode. Actually, I guess the hooks design=20 > would also fall under the Appliation Analysis mode. Instead of=20 > opening up just the 'Cell' window, it would open the application mode > that had the HTML cell as one of the tabs. =20 OK great.. We'll see about that then.. And otherwise we can always = switch to the other one instead. =20 Signing off... Stepping in a plane in 3 hours.... Paul Bakker.. |
