Digital Forensics Framework
Dff is a simple but powerful open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performances and great extensibility.
Although dff is quite young, it already provides a robust architecture and some handy modules. You could download and try it via the Dowload page. Source code, Debian packages and even windows setup are available. Any contribution, suggestion or remark are welcome !
Why this project?
Nowadays computer forensic analysis tools are mainly large proprietary software developed by some well-known companies.
Few free and open source tools offers the same type of fully integrated software, most of them are implemented as stand alone tools. Although some framework exists, they are not very user or developer friendly. That is why we decided to develop this tool as a free and open source and multi-platform framework.
This project follows three main goals :
- Modularity. In contrary to the monolithic model, the modular model is based on an a host and many modules. This modular conception presents two advantages : it permits to improve rapidly the software and to split easily tasks for developers
- Scriptability, it is obvious that the ability to be scripted gives more flexibility to a tool, but it enables automation and gives the possibility to extend features
- Genericity, the project tries to remain OS independent. We want to help people where they are ! Letting them choose any Operating System to use this software
Links: DFF : Open Source software for computer forensics & eDiscovery