File Browser — Open-Source Web File Manager You Can Self-Host
Digler — Open-Source Disk Forensics and File Recovery Tool
Digler is an open-source disk forensics and file recovery utility designed for analyzing raw disks and disk images. It is written in Go, distributed as a CLI tool, and focuses on recovering deleted files and extracting forensic metadata.
Quick and Easy Installation
What Problem Does Digler Solve?
When files are deleted, the file system metadata may be lost, but the raw data often remains on disk. Digler helps by:
- scanning raw disks or disk images
- carving files without filesystem metadata
- extracting forensic evidence
- producing machine-readable forensic reports
This makes it useful for:
- digital forensics
- incident response
- data recovery
- security research
- educational labs
SEO keywords covered:
disk forensics tool, file recovery CLI, digital forensics Go, raw disk analysis, DFXML
Key Features
- 🔍 Scan raw disks and disk images
- 🧩 File carving without filesystem metadata
- 📄 DFXML (Digital Forensics XML) report generation
- 🧱 Modular plugin-based architecture
- ⚡ Cross-platform (Linux, macOS, Windows)
- 🔓 Open-source
High-Level Architecture
Disk / Image
↓
Block Scanner
↓
Signature Detection
↓
File Carving Engine
↓
Recovered Files + DFXML Report
The plugin system allows Digler to recognize multiple file formats.
Tech Stack
- Language: Go
- Interface: CLI
- Output: Files + DFXML XML
- Architecture: Modular / plugin-based
Installation
Start Quickly with Easy Installation
Build from Source
git clone https://github.com/ostafen/digler.git
cd digler
make build
The compiled binary will be available in the bin/ directory.
Basic Usage
Scan a Disk Image
digler scan disk.img
Recover Files
digler recover disk.img --output recovered_files/
Generate Forensic Report
digler scan disk.img --dfxml report.xml
The DFXML file can be used in forensic pipelines and automated analysis.
Plugin System
Digler uses plugins to identify and recover file types.
Each plugin defines:
- file signature
- block structure
- extraction logic
This allows easy extension for new formats.
Use Cases
- Digital forensics investigations
- Malware and incident response
- Recovering accidentally deleted files
- Security training and labs
- Research on file systems
Safety Notes
- Always work on disk images, not live disks
- Use read-only access when possible
- Ensure you have legal authorization to analyze data
Why Digler Is Worth Using
Digler is valuable because it:
- focuses on raw forensic workflows
- avoids unnecessary UI complexity
- produces structured forensic output
- is easy to extend and audit
It’s a solid open-source alternative for forensic tooling.
Final Thoughts
If you work with:
- disk images
- forensic analysis
- data recovery
- security tooling
Digler is worth exploring and learning from.
Top comments (0)