dfDewey is a digital forensics string extraction, indexing, and searching tool.
Jason f4d96c2ccb
Merge pull request #3 from rgayon/timeout
Add timeout parameter for ElasticSearch
2020-10-13 16:27:24 +11:00
dfdewey add timeout 2020-05-07 16:44:07 +02:00
docker Install bulk_extractor from GIFT PPA 2020-10-13 16:23:33 +11:00
docs Updating usage docs for Docker 2020-06-24 11:06:09 +10:00
.gitignore Update to use standard version of bulk_extractor 2019-11-11 13:48:19 +11:00
CONTRIBUTING.md Added license 2020-03-05 16:12:39 +11:00
LICENSE.txt Added license 2020-03-05 16:12:39 +11:00
README.md Update readme 2020-07-17 11:26:19 +10:00
requirements.txt Use psycopg2-binary 2020-05-06 06:47:14 +00:00

dfDewey

dfDewey is a digital forensics string extraction, indexing, and searching tool.

Usage

Requirements

dfDewey currently requires bulk_extractor for string extraction. bulk_extractor can be downloaded and built from source here: https://github.com/simsong/bulk_extractor

bulk_extractor can also be installed from the GIFT PPA.

sudo add-apt-repository ppa:gift/stable
sudo apt update
sudo apt install -y bulk-extractor

Elasticsearch and PostgreSQL are also required to store extracted data. These can be installed separately or started in Docker using docker-compose.

cd dfdewey/docker
sudo docker-compose up -d

Note: To stop the containers (and purge the stored data), run the following from the dfdewey/docker directory:

sudo docker-compose down

All other requirements can be installed using pip:

pip install -r requirements.txt
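
A pre-flight check for the requirements listed above, as an added example that is not part of the dfDewey repository. It assumes Elasticsearch and PostgreSQL listen on localhost at their upstream default ports (9200 and 5432); the ES_HOST, ES_PORT, PG_HOST and PG_PORT variables are hypothetical names introduced here to override that.

```bash
#!/usr/bin/env bash
# Added example: verify the dfDewey requirements before extracting or indexing.
# Assumptions (not from the dfDewey docs): both services are reachable on
# localhost at their upstream default ports. Override via the variables below.
ES_HOST="${ES_HOST:-127.0.0.1}"; ES_PORT="${ES_PORT:-9200}"
PG_HOST="${PG_HOST:-127.0.0.1}"; PG_PORT="${PG_PORT:-5432}"

# Succeeds if the named executable is on PATH.
have_cmd() { command -v "$1" >/dev/null 2>&1; }

# Succeeds if a TCP connection to host:port opens within 3 seconds.
# Host and port are passed as arguments, never spliced into the command string.
port_open() {
  timeout 3 bash -c 'exec 3<>"/dev/tcp/$0/$1"' "$1" "$2" 2>/dev/null
}

# report <label> <command...>: run one check, print its result, count failures.
report() {
  label="$1"; shift
  if "$@"; then
    echo "ok      $label"
  else
    echo "MISSING $label"
    failed=$((failed + 1))
  fi
}

# Runs every check and returns the number of requirements that failed.
preflight() {
  failed=0
  report "bulk_extractor on PATH" have_cmd bulk_extractor
  report "pip on PATH" have_cmd pip
  report "Elasticsearch at $ES_HOST:$ES_PORT" port_open "$ES_HOST" "$ES_PORT"
  report "PostgreSQL at $PG_HOST:$PG_PORT" port_open "$PG_HOST" "$PG_PORT"
  return "$failed"
}

# Run the checks only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then preflight; fi
```

Run the script with --check; the exit status is the number of failed checks, so 0 means every requirement was found.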