Linux-based digital forensics command-line toolkit
PyForensicKit
PyForensicKit is a Linux-based digital forensics command-line toolkit designed to assist investigators in analyzing digital evidence while preserving forensic integrity.
Features
- Cryptographic hashing (MD5, SHA1, SHA256)
- File metadata extraction
- Read-only evidence analysis
- JSON, HTML, and PDF report generation
- Modular and extensible architecture
- File system timeline reconstruction
- CSV and JSON timeline export
- Evidence integrity verification
Installation
```bash
git clone https://github.com/samuelselasi/pyforensickit.git
cd pyforensickit
pip install -r requirements.txt
```
Usage
Basic JSON report:
```bash
python -m pyforensickit.cli.main /path/to/evidence --output report.json
```
Export timeline as CSV:
```bash
python -m pyforensickit.cli.main /path/to/evidence --timeline-csv timeline.csv
```
Generate HTML and PDF reports with integrity verification:
```bash
python -m pyforensickit.cli.main /path/to/evidence \
    --output report.json \
    --report-html report.html \
    --report-pdf report.pdf \
    --verify-integrity \
    --case-id CASE-2026-01 \
    --investigator "John Doe" \
    --description "Baseline system analysis"
```
Forensic Considerations
- No evidence modification
- Hashes computed directly from disk
- Integrity of evidence verified before and after analysis
- Designed for offline analysis
- Intended for educational and research purposes
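One way to implement the before-and-after integrity check listed above, as an added example that is not PyForensicKit's own code. The function names (`hash_file`, `snapshot`, `compare`, `demo`) are hypothetical and the sample evidence files are constructed in a temporary directory.

```python
import hashlib
import os
import tempfile

ALGORITHMS = ("md5", "sha1", "sha256")  # the three digests the feature list names

def hash_file(path, chunk_size=1 << 20):
    """Stream one file through all three digests in a single read-only pass."""
    digests = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:  # binary read mode; evidence is never opened for writing
        while chunk := fh.read(chunk_size):
            for d in digests.values():
                d.update(chunk)
    return {name: d.hexdigest() for name, d in digests.items()}

def snapshot(evidence_dir):
    """Map each regular file's relative path to its digests."""
    manifest = {}
    for root, _dirs, files in os.walk(evidence_dir):
        for name in sorted(files):
            full = os.path.join(root, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files rather than follow them
            manifest[os.path.relpath(full, evidence_dir)] = hash_file(full)
    return manifest

def compare(before, after):
    """Report files whose digests changed, disappeared, or appeared."""
    common = before.keys() & after.keys()
    return {
        "modified": sorted(p for p in common if before[p] != after[p]),
        "missing": sorted(before.keys() - after.keys()),
        "added": sorted(after.keys() - before.keys()),
    }

def demo():
    """Constructed sample evidence: hash, simulate tampering, re-hash, compare."""
    with tempfile.TemporaryDirectory() as evidence:
        for name, data in (("a.log", b"login ok\n"), ("b.bin", b"\x00\x01")):
            with open(os.path.join(evidence, name), "wb") as fh:
                fh.write(data)
        before = snapshot(evidence)
        with open(os.path.join(evidence, "a.log"), "ab") as fh:
            fh.write(b"edited\n")  # stands in for an analysis step that altered evidence
        os.remove(os.path.join(evidence, "b.bin"))
        return before, compare(before, snapshot(evidence))

if __name__ == "__main__":
    print(demo()[1])
```

An empty result in all three lists is the only outcome consistent with "no evidence modification"; anything else should stop the report from being issued.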
Roadmap
- Timeline reconstruction improvements
- Deleted file detection
- Email and browser artifact analysis
- Web interface for visual reporting
File details
Details for the file pyforensickit-0.1.0.tar.gz.
File metadata
- Download URL: pyforensickit-0.1.0.tar.gz
- Upload date:
- Size: 8.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.12
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 54995b37cf9bbc17e6e1ba29b866aafd3f399ad4fff96f077b0542b08f6ee4c1 |
| MD5 | 2174c6f1485552f41132558c26c65907 |
| BLAKE2b-256 | 57818224b785a3b9efa9c08fc1f2a5128fabe482d85f0542fa06e793e62eec3a |
File details
Details for the file pyforensickit-0.1.0-py3-none-any.whl.
File metadata
- Download URL: pyforensickit-0.1.0-py3-none-any.whl
- Upload date:
- Size: 8.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.12
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 54be2c8165d66dc1ade6efe78b3182e87ca3da9f4e226d8dcbc0197f076fb440 |
| MD5 | 90918fdd1fdca4f6d01d509f2653b40e |
| BLAKE2b-256 | 7f922b95cd1cb7cabd7c65573fae9670a7a8cc25f1f8806d180902d40f166511 |