-
Notifications
You must be signed in to change notification settings - Fork 12
Home
This wiki will contain documentation related to the development, deployment, and usage of Wombat Forensics. I've got a ways to go to get all the documentation written and posted, but I'll do what I can to get it finished by the v1.0 release.
Working on the v0.5 release. During the v0.4 coding, I decided to remove TSK filesystem parsing instead to opt for my own so I can add parsing other filesystems not covered by the sleuthkit. Finished FAT12, FAT16, and FAT32, and EXFAT. Done with EXT2/3/4.
As for v0.5, I just finished implementing hash comparison from known hash lists. These can be either generated from files within wombatforensics or using the command line wombathasher tool. Lists generated with the wombathasher tool can be imported into wombat forensics and used. Starting on HFS+, HFS, and APFS parsing.