File Browser — Open-Source Web File Manager You Can Self-Host
Digler — Open-Source Disk Forensics and File Recovery Tool
Digler is an open-source disk forensics and file recovery utility designed for analyzing raw disks and disk images. It is written in Go, distributed as a CLI tool, and focuses on recovering deleted files and extracting forensic metadata.
GitHub repository:
https://github.com/ostafen/digler
What Problem Does Digler Solve?
When files are deleted, the file system metadata may be lost, but the raw data often remains on disk. Digler helps by:
- scanning raw disks or disk images
- carving files without filesystem metadata
- extracting forensic evidence
- producing machine-readable forensic reports
This makes it useful for:
- digital forensics
- incident response
- data recovery
- security research
- educational labs
SEO keywords covered:
disk forensics tool, file recovery CLI, digital forensics Go, raw disk analysis, DFXML
Key Features
- 🔍 Scan raw disks and disk images
- 🧩 File carving without filesystem metadata
- 📄 DFXML (Digital Forensics XML) report generation
- 🧱 Modular plugin-based architecture
- ⚡ Cross-platform (Linux, macOS, Windows)
- 🔓 Open-source
High-Level Architecture
Disk / Image
↓
Block Scanner
↓
Signature Detection
↓
File Carving Engine
↓
Recovered Files + DFXML Report
The plugin system allows Digler to recognize multiple file formats.
Tech Stack
- Language: Go
- Interface: CLI
- Output: Files + DFXML XML
- Architecture: Modular / plugin-based
Installation
Build from Source
git clone https://github.com/ostafen/digler.git
cd digler
make build
The compiled binary will be available in the bin/ directory.
Basic Usage
Scan a Disk Image
digler scan disk.img
Recover Files
digler recover disk.img --output recovered_files/
Generate Forensic Report
digler scan disk.img --dfxml report.xml
The DFXML file can be used in forensic pipelines and automated analysis.
Plugin System
Digler uses plugins to identify and recover file types.
Each plugin defines:
- file signature
- block structure
- extraction logic
This allows easy extension for new formats.
Use Cases
- Digital forensics investigations
- Malware and incident response
- Recovering accidentally deleted files
- Security training and labs
- Research on file systems
Safety Notes
- Always work on disk images, not live disks
- Use read-only access when possible
- Ensure you have legal authorization to analyze data
Why Digler Is Worth Using
Digler is valuable because it:
- focuses on raw forensic workflows
- avoids unnecessary UI complexity
- produces structured forensic output
- is easy to extend and audit
It’s a solid open-source alternative for forensic tooling.
Final Thoughts
If you work with:
- disk images
- forensic analysis
- data recovery
- security tooling
Digler is worth exploring and learning from.
Top comments (0)