Digital Forensics Framework
{{Infobox software
| name = Digital Forensics Framework (DFF)
| logo =
| screenshot =
| caption =
| collapsible =
| author = Frédéric Baguelin, Solal Jacob, Christophe Malinge, Jérémy Mounier
| developer = Frédéric Baguelin, Solal Jacob, Jérémy Mounier
| released =
| latest release date = {{Start date and age|2013|02|28}}
| latest preview version =
| latest preview date =
| programming language = C++, Python, PyQt4
| operating system = Unix-like, Windows
| platform =
| size =
| language count = 7
| genre = Computer forensics
| license = GPL
| website = {{URL|www.digital-forensic.org}}
}}
Digital Forensics Framework (DFF) is a discontinued computer forensics open-source software package. It is used by professionals and non-experts to collect, preserve and reveal digital evidence without compromising systems and data.{{cite web|title= Welcome to S.B. Jain Institute of Technology Management and Research|url=http://www.sbjit.edu.in/|publisher=ArxSys|accessdate=28 May 2014}}
User interfaces
Digital Forensics Framework offers a graphical user interface (GUI) developed in PyQt and a classical tree view. Features such as recursive view, tagging, live search and bookmarking are available. Its command-line interface allows the user to perform digital investigations remotely. It comes with common shell functions such as completion, task management, globbing and keyboard shortcuts. DFF can run batch scripts at startup to automate repetitive tasks. Advanced users and developers can use DFF directly from a Python interpreter to script their investigations.
Distribution methods
In addition to the source code package and binary installers for Linux and Windows,{{cite web |url=http://www.digital-forensic.org/downloads/dff |title=Open Source digital forensics & incident response software |publisher=Digital-forensic.org |accessdate=2014-02-16 |archive-url=https://web.archive.org/web/20140204020449/http://www.digital-forensic.org/downloads/dff |archive-date=2014-02-04 |url-status=dead }} Digital Forensics Framework is available in operating system distributions, as is typical for free and open-source software (FOSS), including Debian,{{cite web |url=https://www.wzdftpd.net/blog/index.php?post/2011/10/18/DFF-accepted-into-Debian |title=DFF accepted into Debian - Pollux's blog |publisher=Wzdftpd.net |accessdate=2014-02-16 |archive-url=https://web.archive.org/web/20140219010156/https://www.wzdftpd.net/blog/index.php?post%2F2011%2F10%2F18%2FDFF-accepted-into-Debian |archive-date=2014-02-19 |url-status=dead }} Fedora{{cite web|url=https://www.cert.org/forensics/tools |accessdate=January 24, 2014 |url-status=dead |archiveurl=https://web.archive.org/web/20131104091132/http://www.cert.org/forensics/tools/ |archivedate=November 4, 2013 |title=Linux Forensics Tools Repository }} and Ubuntu.
Digital Forensics Framework is also available in digital forensics-oriented distributions and live CDs:
- DEFT Linux Live CD{{cite web |url=http://www.deftlinux.net/2013/02/20/deft-8-roadmap-and-features/ |title=DEFT 8 Roadmap and features | DEFT Linux - Computer Forensics live CD |publisher=DEFT Linux |date= |accessdate=2014-02-16 |archive-url=https://web.archive.org/web/20131103155223/http://www.deftlinux.net/2013/02/20/deft-8-roadmap-and-features/ |archive-date=2013-11-03 |url-status=dead }}
- Kali Linux{{cite web|url=http://git.kali.org/gitweb/?p=packages/dff.git;a=summary |title=Packages Summary |publisher=Git.kali.org |date=2013-02-02 |accessdate=2014-02-16}}
Publications
- "Scriptez vos analyses forensiques avec Python et DFF" in the French magazine MISC{{cite web|url=http://boutique.ed-diamond.com/misc/506-misc70.html |title=Misc 70 - LES EDITIONS DIAMOND |publisher=Boutique.ed-diamond.com |date= |accessdate=2014-02-16}}
- Several presentations about DFF at conferences: "Digital Forensics Framework" at ESGI Security Day{{cite web|url=http://www.esgilab-secu.com/fiche.php |accessdate=January 24, 2014 |url-status=dead |archiveurl=https://web.archive.org/web/20140202175327/http://www.esgilab-secu.com/fiche.php |archivedate=February 2, 2014 |title=Security Day }} and "An introduction to digital forensics" at RMLL 2013[http://schedule2013.rmll.info/programme/technique/securite/article/introduction-a-l-investigation.pdf]{{dead link|date=February 2014}}
Published books that mention Digital Forensics Framework are:
- Digital Forensics with Open Source Tools (Syngress, 2011){{cite book|title=Digital Forensics with Open Source Tools: Cory Altheide, Harlan Carvey: 9781597495868: Amazon.com: Books |date= 2011-04-28|isbn = 978-1597495868|last1 = Altheide|first1 = Cory|last2= Carvey|first2= Harlan}}
- Computer Forensik Hacks (O'Reilly, 2012){{cite book|title=Computer-Forensik Hacks: Amazon.de: Lorenz Kuhlee, Victor Völzow: Bücher |date=2009-09-09 |id= {{ASIN|3868991212|country=de}} }}
- Malwares - Identification, analyse et éradication (Epsilon, 2013){{cite book|title=Malwares - Identification, analyse et éradication: Amazon.fr: Paul Rascagneres: Livres |date=2009-09-09 |id= {{ASIN|2746079658|country=fr}} }}
- Digital Forensics for Handheld Devices (CRC Press Inc, 2012){{cite book|title=Digital Forensics for Handheld Devices: Amazon.fr: Eamon P. Doherty: Livres anglais et étrangers |date=2009-09-09 |id= {{ASIN|1439898774|country=fr}} }}
=In literature=
=White papers=
- Selective Imaging Revisited{{cite book|pages=45–58 |doi=10.1109/IMF.2013.16 |publisher=IEEE |date=2013-03-14 |chapter=Selective Imaging Revisited |last1=Stuttgen |first1=Johannes |last2=Dewald |first2=Andreas |last3=Freiling |first3=Felix C. |title=2013 Seventh International Conference on IT Security Incident Management and IT Forensics |isbn=978-1-4673-6307-5 |s2cid=17356972 }}
- A survey of main memory acquisition and analysis techniques for the windows operating system{{cite journal|url=https://faui1-files.cs.fau.de/public/publications/postprint-voemel-freiling-memory-survey-2011.pdf |title=A survey of main memory acquisition and analysis techniques for the windows operating system |date=2011-07-31 |access-date=2014-02-16 |doi=10.1016/j.diin.2011.06.002 |volume=8 |journal=Digital Investigation |pages=3–22|last1=Vömel |first1=Stefan |last2=Freiling |first2=Felix C. }}
- Uforia : Universal forensic indexer and analyzer{{cite journal|title=Uforia: Universal forensic indexer and analyzer |doi=10.1007/s11416-013-0177-4 |volume=9 |issue=2 |journal=Journal of Computer Virology and Hacking Techniques |pages=59–63|year = 2013|last1 = Eijkhoudt|first1 = Arnim|last2=Suerink |first2=Tristan |s2cid=29814904 }}
- Visualizing Indicators of Rootkit Infections in Memory Forensics{{cite book|pages=122–139 |doi=10.1109/IMF.2013.12 |publisher=IEEE |date=2013-03-14 |chapter=Visualizing Indicators of Rootkit Infections in Memory Forensics |last1=Vomel |first1=Stefan |last2=Lenz |first2=Hermann |title=2013 Seventh International Conference on IT Security Incident Management and IT Forensics |isbn=978-1-4673-6307-5 |s2cid=11765652 }}
- EM-DMKM Case Study Computer and Network Forensics{{cite web |url=http://www.cygalski.pl/cv/files/Forensics.pdf |title=EM-DMKM Case Study Computer and Network Forensics |publisher=Cygalski.pl |access-date=2014-02-16 }}{{Dead link|date=November 2019 |bot=InternetArchiveBot |fix-attempted=yes }}
- OV-chipcard DFF Extension[https://www.os3.nl/_media/2010-2011/students/jochem_van_kerkwijk/cf/cf_report.pdf] {{dead link|date=February 2014}}
- L'investigation numérique « libre »{{cite web|url=http://www.agence-nationale-recherche.fr/Colloques/WISG2013/articles/Article_Larinier.pdf |title=L'investigation numerique |publisher=Agence-nationale-recherche.fr |language=fr |access-date=2014-02-16}}
- Malware analysis method based on reverse technology (恶意 口序分析方法 耐){{cite web|url=http://www.joca.cn/CN/article/downloadArticleFile.do?attachType=PDF&id=15000|title=Journal of Computer Applications : Vol.31 No.11|publisher=Joca.cn|date=November 2011|access-date=2014-02-16}}
Prize
DFF was used to solve the 2010 Digital Forensic Research Workshop (DFRWS) challenge, which consisted of reconstructing a physical dump of a NAND flash memory.{{cite web|url=http://dfrws.org/2010/challenge/results.shtml |title=DFRWS 2010 Forensics Challenge Results |publisher=Dfrws.org |access-date=2014-02-16 |url-status=dead |archive-url=https://web.archive.org/web/20140203144143/http://dfrws.org/2010/challenge/results.shtml |archive-date=2014-02-03 }}
References
{{Reflist|30em}}
External links
- {{Official website|www.digital-forensic.org}}
{{DEFAULTSORT:S. B. Jain Institute of Technology Management and Research, Nagpur}}
Category:Digital forensics software