
c-aff4

Free

The Advanced Forensics File Format 4 (AFF4) is an open source format for storing digital evidence and data. This project implements a C/C++ library for creating, reading and manipulating AFF4 images, and includes the canonical aff4imager binary, a general-purpose standalone imaging tool. The library and binary are known to work on Linux, Windows, and OSX. The library supports reading and writing ZipFile-style volumes, Directory-style volumes, and AFF4 Image streams compressed with deflate or snappy. It also supports multi-threaded imaging to make efficient use of multi-core systems. However, it does not currently implement Section 6 (Hashing) of the standard, which covers generating and verifying linear and block hashes.

ALTERNATIVES

A library to access and parse Windows Shortcut File (LNK) format.

A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.

Yara pattern matching tool for forensic investigations with predefined rules for magic headers in files and raw images.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

A collection of tools for extracting and analyzing information from .git repositories.

OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.

A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
