Carve base64 encoded images and other formats

sepinf-inc / IPED

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

Other

884 stars 209 forks source link

Carve base64 encoded images and other formats #2128

Open lfcnassif opened 3 months ago

lfcnassif commented 3 months ago

This is an old idea, documenting it here for a future implementation.

gfd2020 commented 1 week ago

Maybe regular expressions in base64 could help with the already implemented carvers with signatures. Below is a example of a regular expression generator:

https://labs.inquest.net/tools/yara/b64-regexp-generator

https://inquest.net/blog/base64-encoded-regular-expressions-fun-and-profit/