pjrinaldi
commented
5 years ago Quick searching can be the equivalent of "ctrl+f", implemented in each viewer including the main hex viewer and the file hex viewer. This would allow the user to search within the hex to find content and then highlight something and manually carve it.
Also, would be a good foundation for the dig deeper carver.
Searching should be through the byte level, but results would be returned in byte offsets. Then I would have to do some kind of comparison to determine what file is a part of what offset.
I like the idea of byte offset search results, but I can see the need to know which actual files it was found in or if it was unallocated or deleted or carved or slack.
A more elegant solution exists, I'll just have to figure out how to map what byte offset/block it is in and what file occupies the respective block.