new: [hashlookup-forensic-analyser] find if files are part of known set

cugu / awesome-forensics

⭐️ A curated list of awesome forensic analysis tools and resources

http://cugu.github.io/awesome-forensics/

Creative Commons Zero v1.0 Universal

3.98k stars 623 forks source link

new: [hashlookup-forensic-analyser] find if files are part of known set #54

Closed adulau closed 2 years ago

adulau commented 2 years ago

find if files are part of known set software distribution such as Windows NSRL, Linux distribution via hashlookup service.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service or the Bloom filter from CIRCL hashlookup. This tool can help a digital forensic investigator to know the context, origin of specific files during a digital forensic investigation.

cugu commented 2 years ago

@adulau: My pleasure to merge this. Thanks for all your open source work!