# dfDewey

dfDewey is a digital forensics string extraction, indexing, and searching tool.

[Usage](docs/usage.md)

## Requirements

dfDewey currently requires bulk_extractor for string extraction.
bulk_extractor can be downloaded and built from source here:
https://github.com/simsong/bulk_extractor

bulk_extractor can also be installed from the GIFT PPA.

```shell
sudo add-apt-repository ppa:gift/stable
sudo apt update
sudo apt install -y bulk-extractor
```

Elasticsearch and PostgreSQL are also required to store extracted data.
These can be installed separately or started in Docker using `docker-compose`.

```shell
cd dfdewey/docker
sudo docker-compose up -d
```

Note: To stop the containers (and purge the stored data) run
`sudo docker-compose down` from the `dfdewey/docker` directory.

All other requirements can be installed using pip:
`pip install -r requirements.txt`