A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container

These details have been verified by PyPI

Project links

repository

GitHub Statistics

Maintainers

fox-it

These details have not been verified by PyPI

Project links

Development Status
- 5 - Production/Stable
Environment
- Console
Intended Audience
- Developers
- Information Technology
License
- OSI Approved
Operating System
- OS Independent
Programming Language
- Python :: 3
Topic

Project description

Acquire

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. This makes acquire an excellent tool to, among others, speedup the process of digital forensic triage. It uses dissect to gather that information from the raw disk, if possible.

acquire gathers artifacts based on modules. These modules are paths or globs on a filesystem which acquire attempts to gather. Multiple modules can be executed at once, which have been collected together inside a profile. These profiles (used with --profile) are full, default, minimal and none. Depending on what operating system gets detected, different artifacts are collected.

The most basic usage of acquire is as follows:

user@dissect~$ sudo acquire

The tool requires administrative access to read raw disk data instead of using the operating system for file access. However, there are some options available to use the operating system as a fallback option. (e.g --fallback or --force-fallback)

For more information, please see the documentation.

Requirements

This project is part of the Dissect framework and requires Python.

Information on the supported Python versions can be found in the Getting Started section of the documentation.

Installation

acquire is available on PyPI.

pip install acquire

Build and test instructions

This project uses tox to build source and wheel distributions. Run the following command from the root folder to build these:

tox -e build

The build artifacts can be found in the dist/ directory.

tox is also used to run linting and unit tests in a self-contained environment. To run both linting and unit tests using the default installed Python version, run:

tox

For a more elaborate explanation on how to build and test the project, please see the documentation.

Contributing

The Dissect project encourages any contribution to the codebase. To make your contribution fit into the project, please refer to the development guide.

Copyright and license

Dissect is released as open source by Fox-IT (https://www.fox-it.com) part of NCC Group Plc (https://www.nccgroup.com).

Developed by the Dissect Team (dissect@fox-it.com) and made available at https://github.com/fox-it/acquire.

License terms: AGPL3 (https://www.gnu.org/licenses/agpl-3.0.html). For more information, see the LICENSE file.

Project details

These details have been verified by PyPI

Project links

repository

GitHub Statistics

Maintainers

fox-it

These details have not been verified by PyPI

Project links

Development Status
- 5 - Production/Stable
Environment
- Console
Intended Audience
- Developers
- Information Technology
License
- OSI Approved
Operating System
- OS Independent
Programming Language
- Python :: 3
Topic

Release history Release notifications | RSS feed

3.20.dev3 pre-release

Jun 24, 2025

3.20.dev2 pre-release

Jun 24, 2025

3.20.dev1 pre-release

Jun 17, 2025

This version

3.19

May 20, 2025

3.19.dev12 pre-release

May 20, 2025

3.19.dev11 pre-release

May 14, 2025

3.19.dev10 pre-release

May 14, 2025

3.19.dev9 pre-release

May 14, 2025

3.19.dev8 pre-release

May 13, 2025

3.19.dev7 pre-release

May 7, 2025

3.19.dev6 pre-release

May 6, 2025

3.19.dev5 pre-release

Apr 16, 2025

3.19.dev4 pre-release

Apr 15, 2025

3.19.dev3 pre-release

Apr 14, 2025

3.19.dev2 pre-release

Apr 10, 2025

3.19.dev1 pre-release

Mar 11, 2025

3.18

Mar 10, 2025

3.18.dev12 pre-release

Feb 27, 2025

3.18.dev11 pre-release

Feb 24, 2025

3.18.dev10 pre-release

Feb 19, 2025

3.18.dev9 pre-release

Feb 19, 2025

3.18.dev7 pre-release

Jan 24, 2025

3.18.dev6 pre-release

Jan 24, 2025

3.18.dev5 pre-release

Jan 21, 2025

3.18.dev4 pre-release

Jan 21, 2025

3.18.dev3 pre-release

Jan 16, 2025

3.18.dev2 pre-release

Jan 15, 2025

3.18.dev1 pre-release

Nov 26, 2024

3.17

Nov 18, 2024

3.17.dev7 pre-release

Nov 5, 2024

3.17.dev6 pre-release

Nov 4, 2024

3.17.dev5 pre-release

Nov 4, 2024

3.17.dev3 pre-release

Oct 24, 2024

3.17.dev2 pre-release

Oct 24, 2024

3.17.dev1 pre-release

Sep 11, 2024

3.16

Sep 10, 2024

3.16.dev9 pre-release

Sep 9, 2024

3.16.dev8 pre-release

Aug 27, 2024

3.16.dev7 pre-release

Aug 1, 2024

3.16.dev6 pre-release

Jul 19, 2024

3.16.dev5 pre-release

Jul 19, 2024

3.16.dev4 pre-release

Jul 18, 2024

3.16.dev3 pre-release

Jul 18, 2024

3.16.dev2 pre-release

Jul 12, 2024

3.16.dev1 pre-release

Jul 5, 2024

3.15

Jul 1, 2024

3.15.dev5 pre-release

Jul 1, 2024

3.15.dev4 pre-release

Jul 1, 2024

3.15.dev3 pre-release

Jun 27, 2024

3.15.dev2 pre-release

Jun 7, 2024

3.15.dev1 pre-release

Jun 6, 2024

3.14

May 7, 2024

3.14.dev9 pre-release

May 6, 2024

3.14.dev8 pre-release

Apr 26, 2024

3.14.dev7 pre-release

Apr 11, 2024

3.14.dev6 pre-release

Apr 8, 2024

3.14.dev5 pre-release

Mar 28, 2024

3.14.dev4 pre-release

Mar 22, 2024

3.14.dev3 pre-release

Mar 21, 2024

3.14.dev2 pre-release

Mar 20, 2024

3.14.dev1 pre-release

Mar 15, 2024

3.13

Mar 7, 2024

3.13.dev11 pre-release

Mar 4, 2024

3.13.dev10 pre-release

Feb 27, 2024

3.13.dev9 pre-release

Feb 26, 2024

3.13.dev8 pre-release

Feb 15, 2024

3.13.dev7 pre-release

Feb 15, 2024

3.13.dev6 pre-release

Feb 14, 2024

3.13.dev5 pre-release

Feb 12, 2024

3.13.dev4 pre-release

Feb 2, 2024

3.13.dev3 pre-release

Feb 1, 2024

3.13.dev2 pre-release

Jan 31, 2024

3.13.dev1 pre-release

Jan 31, 2024

3.12

Jan 26, 2024

3.12.dev8 pre-release

Jan 23, 2024

3.12.dev7 pre-release

Jan 17, 2024

3.12.dev6 pre-release

Jan 15, 2024

3.12.dev5 pre-release

Jan 12, 2024

3.12.dev4 pre-release

Jan 3, 2024

3.12.dev3 pre-release

Jan 3, 2024

3.12.dev2 pre-release

Jan 3, 2024

3.12.dev1 pre-release

Dec 20, 2023

3.11

Dec 18, 2023

3.11.dev4 pre-release

Dec 6, 2023

3.11.dev3 pre-release

Nov 23, 2023

3.11.dev2 pre-release

Nov 21, 2023

3.11.dev1 pre-release

Nov 16, 2023

3.10

Nov 8, 2023

3.10.dev7 pre-release

Nov 2, 2023

3.10.dev6 pre-release

Oct 26, 2023

3.10.dev5 pre-release

Oct 25, 2023

3.10.dev4 pre-release

Oct 18, 2023

3.10.dev3 pre-release

Oct 11, 2023

3.10.dev2 pre-release

Oct 4, 2023

3.10.dev1 pre-release

Oct 3, 2023

3.9

Sep 26, 2023

3.9.dev15 pre-release

Sep 21, 2023

3.9.dev14 pre-release

Sep 11, 2023

3.9.dev13 pre-release

Sep 1, 2023

3.9.dev12 pre-release

Aug 31, 2023

3.9.dev11 pre-release

Aug 30, 2023

3.9.dev10 pre-release

Aug 29, 2023

3.9.dev9 pre-release

Aug 28, 2023

3.9.dev8 pre-release

Aug 28, 2023

3.9.dev7 pre-release

Aug 28, 2023

3.9.dev6 pre-release

Aug 25, 2023

3.9.dev5 pre-release

Aug 17, 2023

3.9.dev4 pre-release

Aug 16, 2023

3.9.dev3 pre-release

Aug 16, 2023

3.9.dev2 pre-release

Aug 15, 2023

3.9.dev1 pre-release

Aug 15, 2023

3.8

Aug 10, 2023

3.8.dev10 pre-release

Aug 10, 2023

3.8.dev9 pre-release

Jul 25, 2023

3.8.dev8 pre-release

Jul 19, 2023

3.8.dev5 pre-release

Jul 18, 2023

3.8.dev4 pre-release

Jul 18, 2023

3.8.dev3 pre-release

Jul 18, 2023

3.8.dev2 pre-release

Jul 11, 2023

3.8.dev1 pre-release

Jul 7, 2023

3.7

Jul 5, 2023

3.7.dev6 pre-release

Jul 5, 2023

3.7.dev5 pre-release

Jun 27, 2023

3.7.dev4 pre-release

Jun 21, 2023

3.7.dev3 pre-release

Jun 19, 2023

3.7.dev2 pre-release

Jun 16, 2023

3.7.dev1 pre-release

May 31, 2023

3.6

May 25, 2023

3.6.dev9 pre-release

May 16, 2023

3.6.dev8 pre-release

May 15, 2023

3.6.dev7 pre-release

May 2, 2023

3.6.dev6 pre-release

May 1, 2023

3.6.dev5 pre-release

Apr 13, 2023

3.6.dev4 pre-release

Apr 11, 2023

3.6.dev3 pre-release

Apr 11, 2023

3.6.dev2 pre-release

Apr 5, 2023

3.6.dev1 pre-release

Mar 31, 2023

3.5

Mar 24, 2023

3.5.dev9 pre-release

Mar 22, 2023

3.5.dev8 pre-release

Mar 22, 2023

3.5.dev7 pre-release

Mar 17, 2023

3.5.dev6 pre-release

Mar 17, 2023

3.5.dev4 pre-release

Mar 14, 2023

3.5.dev3 pre-release

Mar 1, 2023

3.5.dev2 pre-release

Feb 24, 2023

3.5.dev1 pre-release

Feb 10, 2023

3.4

Feb 10, 2023

3.4.dev8 pre-release

Feb 8, 2023

3.4.dev7 pre-release

Feb 7, 2023

3.4.dev6 pre-release

Feb 7, 2023

3.4.dev5 pre-release

Feb 3, 2023

3.4.dev4 pre-release

Jan 23, 2023

3.4.dev3 pre-release

Jan 9, 2023

3.4.dev2 pre-release

Jan 4, 2023

3.4.dev1 pre-release

Jan 2, 2023

3.3

Dec 9, 2022

3.3.dev17 pre-release

Dec 9, 2022

3.3.dev16 pre-release

Dec 1, 2022

3.3.dev15 pre-release

Nov 25, 2022

3.3.dev14 pre-release

Nov 25, 2022

3.3.dev13 pre-release

Nov 24, 2022

3.3.dev12 pre-release

Nov 18, 2022

3.3.dev11 pre-release

Nov 18, 2022

3.3.dev10 pre-release

Nov 17, 2022

3.3.dev9 pre-release

Nov 14, 2022

3.3.dev8 pre-release

Nov 11, 2022

3.3.dev7 pre-release

Nov 8, 2022

3.3.dev4 pre-release

Nov 2, 2022

3.2 yanked

Oct 4, 2022