Hi,
I am doing an MSc in Computer Forensics and have been a member on this forum for a year and half or so.
For my course we have to do a Practicum/Thesis and am trying to get together some ideas's on a project.
I am looking to do some work on new technologies or procedure's which would make the work of an examiner easier or more efficient. Since I have no "real-world" experience can anyone recommened any idea's which they feel would be of beneft to them.
Thanks for your time
Danny
I wold personally like to see improvement in a forensic framework. One that allows the examiner to develope their own tools without having to write the low level code functions. I know I have seen a couple people mention something like this but dont think it ever panned out.
Thanks for your reply gtorgerson, much appreciated..
What excatly do you mean by a framework to develop your own tools, do you mean for example a high level coding language that is forensics based or a specific framework for investigation procedures?
What I mean is an environemt that programmers can hook into that already has the basic framework handling the disk level code, filtering of ATA commands for read write and things like that. I would like to see a community for it where all people are working on developing. Then others can add to it things like Perl script support, SQL support for T-SQL queries on data. Some of the bigger players like EnCase and Prodiscover allow you to do some scripting but it is still somewhat limited.
Once you allow people freedom for these types of things they generally take on a life of their own and you eventually have hunders of Modules and plugins and a whole toolkit of open source code.
I hope you like assembly, C and device drivers.
Good luck.
Thanks for your ideas..
What I mean is an environemt that programmers can hook into that already has the basic framework handling the disk level code, filtering of ATA commands for read write and things like that. I would like to see a community for it where all people are working on developing. Then others can add to it things like Perl script support, SQL support for T-SQL queries on data. Some of the bigger players like EnCase and Prodiscover allow you to do some scripting but it is still somewhat limited.
Once you allow people freedom for these types of things they generally take on a life of their own and you eventually have hunders of Modules and plugins and a whole toolkit of open source code.
I hope you like assembly, C and device drivers.
Good luck.
So, basically you're looking for someone to duplicate the functionality that C programming and Perl scrippting provide in Linux, without having to take the time to learn the specific syntax or programming concepts….?
No. Not really.
Have you any different thoughts or ideas yourself jeffcaplan?
Thanks