Home
Latest images
Search
Register
Log inCAINE 2.0 proposed Nautilus Scripts
2 posters
Page 1 of 1
CAINE 2.0 proposed Nautilus Scripts
slo.sleuth Wed Apr 21, 2010 8:45 am
Denis,
I'm proposing to help with CAINE 2.0 by writing Nautilus scripts to help with previewing mounted partitions. I have already written a few that I put on a project similar to CAINE, but I can't keep up with development of the whole distro.
The idea is that an investigator can mount the partition and examine allocated files, using nautilus scripts to launch appropriate viewers. I have some of my scripts at http://code.google.com/p/linuxsleuthing/ for you to look at and I can work on many more, including a more automated catch-all viewer.
The original idea was that non-experts could use CAINE to examine a computer for evidence and collect files for a basic report BEFORE the computer reaches the lab. That way, if the the evidence seized is sufficient to file a case, the prosecution is not delayed because of lab backlogs. Also, only cases requiring more technical examinations need go to the computer lab initially.
From a forensic examiner perspective, the scripts can render index.dat, places.sqlite, Windows Registry, ICQ chat log files, etc. into text files for copy/paste actions in final reports, etc.
Let me know what you think (I know that not all the scripts are the most efficient or coded well, but I offer these as an example before I begin improvements). We can discuss this more if you have an interest.
John
I'm proposing to help with CAINE 2.0 by writing Nautilus scripts to help with previewing mounted partitions. I have already written a few that I put on a project similar to CAINE, but I can't keep up with development of the whole distro.
The idea is that an investigator can mount the partition and examine allocated files, using nautilus scripts to launch appropriate viewers. I have some of my scripts at http://code.google.com/p/linuxsleuthing/ for you to look at and I can work on many more, including a more automated catch-all viewer.
The original idea was that non-experts could use CAINE to examine a computer for evidence and collect files for a basic report BEFORE the computer reaches the lab. That way, if the the evidence seized is sufficient to file a case, the prosecution is not delayed because of lab backlogs. Also, only cases requiring more technical examinations need go to the computer lab initially.
From a forensic examiner perspective, the scripts can render index.dat, places.sqlite, Windows Registry, ICQ chat log files, etc. into text files for copy/paste actions in final reports, etc.
Let me know what you think (I know that not all the scripts are the most efficient or coded well, but I offer these as an example before I begin improvements). We can discuss this more if you have an interest.
John
slo.sleuth- Number of posts : 43
Registration date : 2009-03-31 -
Re: CAINE 2.0 proposed Nautilus Scripts
nannib Sun Apr 25, 2010 2:47 pm
It could be interesting...let me know when the script will be available and I'll try it! :-)
Thanks for your help
Nanni Bassetti
Thanks for your help
Nanni Bassetti
nannib- Admin
- Number of posts : 273
Age : 53
Registration date : 2008-10-28 -
Similar topics» CAINE 1.5 Installed to capture image file from CAINE 1.5 Live CD
» Installed Caine with Caine From Deb. How should I set /etc/fstab?
» CAINE e il Web
» Caine da USB
» About CAINE
» Installed Caine with Caine From Deb. How should I set /etc/fstab?
» CAINE e il Web
» Caine da USB
» About CAINE
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|