New tool set development - your opinion and ideas

(@chrisbb)
New Member
Joined: 12 years ago
Posts: 3
Topic starter  

Hello all!
I would like to know your opinion about software during the development process. With a few friends we decided to write a set of our own digital forensic tools, as there's always something that doesn't meet our expectations when using software available on the market. We've just started and I don't expect the project to move very fast, as we're doing it during our free time. However, we have already developed a beta version for analyzing Google Chrome history files. Yes, I know that there are some tools for doing this, both commercial and free, but we have our own vision of reporting data. And after all, I think that more tools means more possibilities, and it's better if the user has a choice.
Anyway, we've started and have ambitions to make it quite a useful set. At least for us 😉 After Chrome we want to start work on Skype and a particular Polish IM - GG. Then maybe some modules for e-mails. We'll see. At this time we'd like to know what - in your opinion - is the right way, and what definitely is not. We have experience in digital investigation, but in a specific category, so a wider view will be appreciated. Our current work can be downloaded from the www.brokenbyte.com page. Keep in mind that this is the very beginning and the software may not run on all platforms, but this knowledge is also important.

Best regards,
Chris


   
(@chrisbb)
New Member
Joined: 12 years ago
Posts: 3
Topic starter  

Hello again!
We have finally finished the first release version. The completed module is a tool for analyzing the Polish IM Gadu-Gadu in version 10, also known as Nowe Gadu-Gadu. This module has an option for analyzing single files or a whole profile. We know well that only a limited number of digital forensics specialists will be interested in using this tool, but it is a kind of tribute to our friends from Poland who helped us a lot. Thanks guys.
For now we're focusing on the Chrome AF module, whose release version should be ready for publishing at the end of March 2014. For now you can download the beta version of this module. We're still waiting for suggestions on what kind of tools we should focus on next. Anyway - thank you all for the support and comments, they're very helpful!

You can download all new and old releases from the DOWNLOAD section on the BrokenByte page.

Best regards, Chris BB.


   
(@carrier)
Active Member
Joined: 17 years ago
Posts: 6
 

ChrisBB,

Have you taken a look at Autopsy3? We started working on it a couple of years ago for similar reasons (i.e. that sometimes you need really specific modules and the existing tools are too closed to support that approach without copying a lot of data around).

General info about the tool can be found here

http://sleuthkit.org/autopsy/

The developer's guide for writing modules can be found here

http://www.sleuthkit.org/autopsy/docs/api-docs/

There are some third party modules that can be incorporated and we're listing those on the wiki

http://wiki.sleuthkit.org/index.php?title=Autopsy_3rd_Party_Modules


   
(@chrisbb)
New Member
Joined: 12 years ago
Posts: 3
Topic starter  

Of course I know the SleuthKit and Autopsy 😉 However, it has been a long time since I last used it, so I'll be happy to take a look at it now. IMHO it's the best "last chance" tool set when everything else fails. Especially when you are trying to analyze systems based on ExtX partitions - all the main tools like EnCase or FTK are quite poor in this field.
Thank you for the suggestion, and we'll consider helping to create modules for Autopsy as well.

Best regards,
Chris BB


   