Extracts files from .raw/.dd images using sleuthkit
Project description
Description
Extracts files from .raw/.dd images by using sleuthkit
Installation
apt install sleuthkit
pip install fileextract
Usage
Create a config file with the following schema:
{
"logPath": "fileextract.log", // Path to log file
"raws": [ // List of .raw images
{
"path": "path/to/raws/**", // Path to the .raw image
"offset": 0, // Offset where the file system starts
"files": [ // The files which shall be extracted
"/data/app/user.db"
]
}
]
}
Example
python -m fileextract -c config.json
################################################################################
fileextract by 5f0
Extracts files from .raw images by using sleuthkit
Current working directory: /path/to/fileextract
Datetime: 01/01/1970 10:11:12
################################################################################
--> Target: path/to/raws/action_one.raw
---
Create: path/to/raws/action_one.raw_files
Extract: /data/app/user.db
---
--> Target: path/to/raws/action_two.raw
---
Create: path/to/raws/action_two.raw_files
Extract: /data/app/user.db
---
################################################################################
Execution Time: 0.139446 sec
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
fileextract-1.0.0.tar.gz
(4.1 kB
view hashes)
Built Distribution
Close
Hashes for fileextract-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 75da2d3aa4a134b3b4ec46aa5d7aa8db0f7e64751d438ff2224b6a04953fbb77 |
|
MD5 | 66b74355078332abc6342eee29d0b24a |
|
BLAKE2b-256 | 51aabd846f096c4413df9f08664343cad662ed855ac965f9dfebcc6ebd770304 |