bulk_extractor Logo

bulk_extractor

0
Free
Visit Website

bulk_extractor is a high-performance digital forensics exploitation tool that rapidly scans any kind of input and extracts structured information such as email addresses, credit card numbers, JPEGs, and JSON snippets without parsing the file system or file system structures. The results are stored in text files that are easily inspected, searched, or used as inputs for other forensic processing. bulk_extractor also creates histograms of certain kinds of features that it finds, such as Google search terms and email addresses, as previous research has shown that such histograms are especially useful in investigative and law enforcement applications. Unlike other digital forensics tools, bulk_extractor probes every byte of data to see if it is the start of a sequence that can be decompressed or otherwise decoded. If so, the decoded data are recursively re-examined. As a result, bulk_extractor can find things like BASE64-encoded JPEGs and compressed JSON objects that traditional carving tools miss. This is the bulk_extractor 2.1 development branch! It is reliable, but if you want to have a well-tested product.

FEATURES

ALTERNATIVES

A tool that uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment.

A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.

Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.

A collection of Mac OS X and iOS forensics resources with a focus on artifact collection and collaboration.

AMExtractor is an Android Memory Extractor tool.

Modern digital forensics and incident response platform with comprehensive tools.

Python script to parse the NTFS USN Change Journal.

A binary analysis platform for analyzing binary programs

PINNED