FindMeThangs!
An all-in-one n00b friendly command line based digital forensics utility in Ruby.
Image Options [1]
- Create Image
- Wipe Image
Drive Info [2]
- md5sum
- mmls
- mmstat
- fsstat
- blkstat
File Recovery [3]
- Foremost
- Photorec
- Scalpel
File Structure [4]
- fls
Timeline [5]
- fls & mactime
PDF Report [6]
- All of the above in a PDF.
Select Image [7]
- Switch between images.
Help [8]
- Kind of man page
Exit [0]
- Get out of the choppah!
ruby ./findmethangs "optional_image_location.img"
- Linux based environment (SIFT VM preferred)
- Ruby 2.0.0 or higher
- Sleuthkit
- Enscript and ps2pdf - For PDF report
No known bugs.
Clint Bettiga
Lakshya Kapoor
Released under the laws of Master Zeichick (CINS 548) at California State University, Chico.