BlackBag Releases APFS Source Code To The Sleuth Kit® Framework

by

In an effort to give back to the DFIR community, BlackBag has released its Apple File System (APFS) source code to The Sleuth Kit for examiners all over the world to use for free.

Within the DFIR community, support for fundamental structures, like file systems, across tools is essential for examiners to complete their work. BlackBag Technologies has provided industry-leading support for Apple devices this past year by quickly releasing complete support for Apple’s latest file system (APFS), all of the encryption variations and APFS Snapshots. With macOS and iOS rapidly driving adoption rates of this new file system, we want to make sure examiners have access to the best and most complete support for APFS.That is why BlackBag has decided to release our source code for the APFS file system in a format that can be used by The Sleuth Kit® (TSK) framework – it is a way for us to give back to the DFIR community.

TSK is a collection of command line tools and a C library that allows examiners to analyze disk images and recover files from them. It is used behind the scenes in Autopsy and many other open source and commercial forensics tools.

To learn more about what we are releasing and how the community can help, please see our Director of Research and Development, Dr. Joe Sylve, the primary developer for this support, discuss this announcement in this overview video.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

As of December 19, 2018, you can find BlackBag’s source code for APFS at: https://github.com/blackbagtech/sleuthkit-APFS/

BlackBag believes the work DFIR examiners do makes a difference. We are committed to providing law enforcement, government, and corporations the crucial ability to determine facts pertinent to solving criminal and civil matters and examining security incidents.

We hope this holiday, and really all year, we’ve made it easier to reveal the truth.

Read more on our blog here.

About BlackBag Technologies:

BlackBag® Technologies offers innovative forensic acquisition and analysis tools for both Windows and Mac OS X based computers, as well as iOS and Android mobile devices. Its forensic software is used by hundreds of federal, state, and local law enforcement agencies around the world, as well as by leading corporations and consultants, to investigate all types of digital evidence associated with both criminal, civil and internal investigations. BlackBag® Technologies also develops and delivers expert forensics training and certification programs, designed for both novice and experienced forensics professionals. To learn more, visit www.blackbagtech.com.

For more information, please contact us at [email protected][email protected].

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
Si and Desi talk to Monica Harris, Project Business Manager at Cellebrite, about current eDiscovery challenges. They cover some of the reoccurring pain points customers experience during the integration stage, the difficulties of collecting mobile data for investigations, and the development of legal holds and how they influence digital forensic cases. This episode also touches on the role of machine learning in eDiscovery and how large amounts of data can be reformatted for the review stage of a case.

Si and Desi talk to Monica Harris, Project Business Manager at Cellebrite, about current eDiscovery challenges. They cover some of the reoccurring pain points customers experience during the integration stage, the difficulties of collecting mobile data for investigations, and the development of legal holds and how they influence digital forensic cases.

This episode also touches on the role of machine learning in eDiscovery and how large amounts of data can be reformatted for the review stage of a case.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_JuNuKXseh04

Cellebrite’s Solutions To Current eDiscovery Challenges

Forensic Focus 41 views 7th June 2023 12:05 pm

In this Oxycast webinar, Ryan, from the Oxygen Forensic Training team, discusses the evolution and impact of dating apps, with a focus on forensic analysis. Ryan also demonstrates how you can analyze popular dating applications using the Oxygen Forensic Detective software.

In this Oxycast webinar, Ryan, from the Oxygen Forensic Training team, discusses the evolution and impact of dating apps, with a focus on forensic analysis. Ryan also demonstrates how you can analyze popular dating applications using the Oxygen Forensic Detective software.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_90k-LHOjmcE

Dating Application Analysis

Forensic Focus 73 views 30th May 2023 12:07 pm

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices. Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity. Show Notes: 100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/ Domestika - https://www.domestika.org/en MIT OpenCourseWare - https://www.youtube.com/@mitocw MasterClass - https://www.masterclass.com/ Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html Flipper Discord - https://discord.com/invite/flipper Flipper Zero - https://flipperzero.one/ This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/ Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/ Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069 GoldenEra - https://www.imdb.com/title/tt11753760/ Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series) Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/ The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders Logical fallacies - https://yourlogicalfallacyis.com/

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices.

Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.

Show Notes:

100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/

Domestika - https://www.domestika.org/en

MIT OpenCourseWare - https://www.youtube.com/@mitocw

MasterClass - https://www.masterclass.com/

Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html

Flipper Discord - https://discord.com/invite/flipper

Flipper Zero - https://flipperzero.one/

This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/

Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard

Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/

Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069

GoldenEra - https://www.imdb.com/title/tt11753760/

Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam

High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series)

Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/

The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders

Logical fallacies - https://yourlogicalfallacyis.com/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_5f72B6DD5wk

Programming Languages, Flipper And Gaming

Forensic Focus 75 views 24th May 2023 11:43 am

Load More... Subscribe

Latest Articles

Digital Forensics Round-Up, June 08 2023
News

Digital Forensics Round-Up, June 08 2023

ByForensic FocusJun 8, 2023
Presentation On Video Evidence Principles At The European Parliament
News

Presentation On Video Evidence Principles At The European Parliament

ByAmpedSoftwareJun 8, 2023
Cellebrite’s Solutions To Current eDiscovery Challenges
Podcast

Cellebrite’s Solutions To Current eDiscovery Challenges

ByForensic FocusJun 7, 2023
ADF Solutions Announces Sponsorship And Speaking Session At Techno Security East
News

ADF Solutions Announces Sponsorship And Speaking Session At Techno Security East

ByadfsolutionsJun 6, 2023
Why DFIR Is The New Frontier Of Cybersecurity
News

Why DFIR Is The New Frontier Of Cybersecurity

ByBinalyzeJun 5, 2023
Magnet Forensics Now Offering Training In New Online Self-Paced Microlearning Format
News

Magnet Forensics Now Offering Training In New Online Self-Paced Microlearning Format

ByMagnetForensicsJun 2, 2023
Share to...
BufferCopyFlipboardHacker NewsLineLinkedInMessengerMixPinterestPocketPrintRedditSMSTelegramTumblrVKWhatsAppXingYummly