The latest articles on DEV Community by sdasdd (@abcd2132). https://dev.to/abcd2132 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2004531%2F909ef6d1-1450-4635-80f2-e862eb836993.png https://dev.to/abcd2132 en sdasdd Fri, 30 Aug 2024 18:05:50 +0000 https://dev.to/abcd2132/open-source-trace-toolkit-for-retrieval-and-analysis-of-cyber-evidence-5546 https://dev.to/abcd2132/open-source-trace-toolkit-for-retrieval-and-analysis-of-cyber-evidence-5546 <h2> 📂🔍 <a href="https://github.com/Gadzhovski/TRACE-Forensic-Toolkit/?abc" rel="noopener noreferrer">TRACE</a> is a digital forensic analysis tool I developed for my final year project, designed with a user-friendly interface for investigating disk images. 📂🔍 </h2> <p> </p> <h3> 👀 Preview </h3> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdkj414b4paxnefhuwfpm.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fdkj414b4paxnefhuwfpm.png" alt="Preview" width="800" height="552"></a></p> <p> </p> <h3> 🔧 Features </h3> <ul> <li>🗂️ <strong>*Image Mounting:</strong> Mount forensic disk images. (Windows only)</li> <li>🌳 <strong>Tree Viewer:</strong> Navigate disk image structures.</li> <li>🔍 <strong>Detailed File Analysis:</strong> View file content in HEX, text, and application-specific formats.</li> <li>📸 <strong>EXIF Data Extraction:</strong> Extract and display EXIF metadata from pictures.</li> <li>🗂️ <strong>Registry Viewer:</strong> Examine Windows registry files.</li> <li>🔪 <strong>*Basic File Carving -not fully integrated:</strong> Recover deleted files from disk images.</li> <li>🦠 <strong>Virus Total API Integration:</strong> Scan files for malware using Virus Total.</li> <li>✅ <strong>E01 Image Verification &amp; Conversion:</strong> Verify integrity and convert E01 images to raw format.</li> <li>💬 <strong>Message Decoding:</strong> Decode messages from base64, binary, and other encodings.</li> <li><strong>And more!</strong></li> </ul> <p> </p> <h3> 💻🖥️ Cross-Platform Compatibility </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Operating System</th> <th>Screenshot</th> </tr> </thead> <tbody> <tr> <td> <strong>macOS Sonoma</strong> 🍏</td> <td><a href="https://dev-to-uploads.s3.amazonaws.com/uploads/articles/63aqp7xzo6cx1ycbrqw7.png" rel="noopener noreferrer"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F63aqp7xzo6cx1ycbrqw7.png" alt="macOS Screenshot" width="800" height="463"></a></td> </tr> <tr> <td> <strong>Kali Linux 2024</strong> 🐧</td> <td><a href="https://dev-to-uploads.s3.amazonaws.com/uploads/articles/ogbty4h8ivstb3vsbqza.png" rel="noopener noreferrer"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fogbty4h8ivstb3vsbqza.png" alt="Kali Linux Screenshot" width="800" height="366"></a></td> </tr> <tr> <td> <strong>Windows 10</strong> 🗔</td> <td><a href="https://dev-to-uploads.s3.amazonaws.com/uploads/articles/uip0a6p5tqfpwc0n91dr.png" rel="noopener noreferrer"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fuip0a6p5tqfpwc0n91dr.png" alt="Windows Screenshot" width="800" height="400"></a></td> </tr> </tbody> </table></div> <p> </p> <h3> 💾 Supported Image Formats </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Image Format</th> <th>Extensions</th> </tr> </thead> <tbody> <tr> <td>EnCase® Image File (EVF / Expert Witness Format)</td> <td> <code>*.E01</code> <code>*.Ex01</code> </td> </tr> <tr> <td>SMART/Expert Witness Image File</td> <td><code>*.s01</code></td> </tr> <tr> <td>Single Image Unix / Linux DD / Raw</td> <td> <code>*.dd</code>, <code>*.img</code>, <code>*.raw</code> </td> </tr> <tr> <td>ISO Image File</td> <td><code>*.iso</code></td> </tr> <tr> <td>AccessData Image File</td> <td><code>*.ad1</code></td> </tr> </tbody> </table></div> <p> </p> <h3> 🧱 Built With </h3> <ul> <li> <a href="https://pypi.org/project/pytsk3/" rel="noopener noreferrer">pytsk3</a> - Python bindings for the SleuthKit</li> <li> <a href="https://github.com/libyal/libewf" rel="noopener noreferrer">libewf-python</a> - Library to access the Expert Witness Compression Format (EWF)</li> <li> <a href="https://pypi.org/project/PySide6/" rel="noopener noreferrer">PySide6</a> - Used for the GUI components.</li> <li> <a href="https://arsenalrecon.com/products/image-mounter/" rel="noopener noreferrer">Arsenal Image Mounter</a> - For mounting forensic disk images.</li> </ul> <p> </p> <h3> 🔗 Explore TRACE on GitHub: </h3> <p><a href="https://github.com/Gadzhovski/TRACE-Forensic-Toolkit/?abc" rel="noopener noreferrer">https://github.com/Gadzhovski/TRACE-Forensic-Toolkit/?abc</a></p> <p> </p> <h3> Socials 👨‍💻 </h3> <p><a href="https://linkedin.com/in/radoslav-gadzhovski" rel="noopener noreferrer"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--vzAfJio0--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://img.shields.io/badge/LinkedIn-%25230077B5.svg%3Flogo%3Dlinkedin%26logoColor%3Dwhite" alt="LinkedIn" width="75" height="20"></a></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--d8qT-weE--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://img.shields.io/badge/version-1.0.0-blue.svg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--d8qT-weE--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://img.shields.io/badge/version-1.0.0-blue.svg" alt="Version" width="90" height="20"></a><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--LMiPqkcK--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://img.shields.io/badge/license-MIT-green.svg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--LMiPqkcK--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://img.shields.io/badge/license-MIT-green.svg" alt="License" width="82" height="20"></a></p> opensource beginners python cybersecurity