A comprehensive command-line forensics toolkit for digital image analysis
Project description
🔍 DFIT - Digital Image Forensics Toolkit
A comprehensive command-line forensics toolkit for digital image analysis. Detect tampering, extract hidden data, analyze metadata, and identify steganography.
🎯 Key Features
- Metadata Extraction - EXIF data, GPS coordinates, timestamps, file hashes
- Tampering Detection - Error Level Analysis (ELA) for pixel-level anomalies
- Steganography Detection - LSB analysis and statistical detection
- Hidden Data Extraction - Extract embedded data from images
- Batch Processing - Process entire directories recursively
- Professional Output - Color-coded console, JSON export, HTML reports
📋 Requirements
- Python 3.8+
- PIL/Pillow, OpenCV, NumPy, Click, ExifRead
🚀 Installation
Option 1: Install from PyPI (Recommended)
# Simple installation
pip install dfit-toolkit
# Or with pipx for isolated environment
pipx install dfit-toolkit
# Verify installation
dfit --version
Option 2: Install from Source
git clone https://github.com/C0d3-cr4f73r/DFIT.git
cd DFIT
pip install -e .
# Or with virtual environment
python3 -m venv venv
source venv/bin/activate
pip install -e .
📖 Usage
# Extract metadata
dfit metadata -i image.jpg
# Detect tampering
dfit detect-tampering -i image.jpg
# Scan for steganography
dfit scan-stego -i image.jpg
# Extract hidden data
dfit extract -i image.jpg -o secret.bin
# Comprehensive analysis
dfit analyze -i image.jpg
# Batch processing
dfit batch -i ./images --recursive
# Export results to JSON
dfit metadata -i image.jpg -o report.json
🧪 Testing
python3 -m pytest tests/ -v
# Expected: 23/23 tests passing
🐳 Docker
docker build -t dfit:latest .
docker run --rm dfit:latest --help
docker-compose up --build
📚 Documentation
- CLI Guide - Detailed command reference
- Docker Guide - Docker setup
- Quick Start - Get started in 5 minutes
- Project Summary - Architecture overview
🎓 Real-World Use Cases
- Law Enforcement - Verify evidence authenticity
- Journalism - Verify image authenticity before publication
- Cybersecurity - Analyze malware delivery images
- Insurance & Legal - Verify claim authenticity
📁 Project Structure
src/
├── cli/ # CLI interface
├── core/ # Analysis modules
└── utils/ # Utilities
tests/ # Test suite (23 tests)
docs/ # Documentation
🤝 Contributing
Contributions welcome! See CONTRIBUTING.md for guidelines.
📝 License
MIT License - see LICENSE file for details.
Made with ❤️ for digital forensics professionals
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dfit_toolkit-1.0.0.tar.gz.
File metadata
- Download URL: dfit_toolkit-1.0.0.tar.gz
- Upload date:
- Size: 25.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3a33b7642db4efb22a617cbb37fc9702eee5d9fc0d5243c6700d6c7e55509ab7
|
|
| MD5 |
38e764f0b989d717597503b5464bb714
|
|
| BLAKE2b-256 |
10af5222c14888f0df41112ec846ed36818598bc5766a6eb9540b3bf24f0f4a2
|
File details
Details for the file dfit_toolkit-1.0.0-py3-none-any.whl.
File metadata
- Download URL: dfit_toolkit-1.0.0-py3-none-any.whl
- Upload date:
- Size: 27.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
50e85334139c8362ace410017cc9ce40aeb815513df4cdf64248b4f5e9c4e4db
|
|
| MD5 |
569bc50261e97b1889f1bb97e2f8da78
|
|
| BLAKE2b-256 |
cc0090b1748043451f76afb139fdc62ea51fe63322dba277c7b603cf44fa6d0a
|