Open Computer Forensics Architecture 2.2.0pl1

Open Computer Forensics Architecture is a modular computer forensics framework built by the Dutch National Police Agency.
Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy to use search and browse interface.

The architecture forms an environment where existing forensic tools and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and metadata from digital evidence.

The Open Computer Forensics Architecture aims to be highly modular, robust, fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.

last updated on:
August 6th, 2009, 13:47 GMT
price:
FREE!
developed by:
KLPD
license type:
GPL (GNU General Public License) 
category:
ROOT \ System \ Shells

FREE!

In a hurry? Add it to your Download Basket!

user rating 26

UNRATED
3.0/5
 

0/5

What's New in version 2.2.0pl0
  • Improvements:
  • The treegraph library refactoring has been completed. The treegrapgh lib now fully allows advanced dissectors and kickstart modules to be build by thirdparty vendors and users. A generic 'tree' dissector module and a generic 'kicktree' kickstart are available. If you build a treegraph library loadable module, this module can be used and run either as module for kicktree, or can be started as an advanced dissector by the generic 'tree' ocfa dissector module.
  • Multiple improvements to the ocfa store library:
  • Minor change to the API to allow future implementation of the PgBlobAppendRepository, that is needed for tighter integration between CarvFs, OCFA and CarvFs aware treegraph based modules.
read full changelog

Add your review!

SUBMIT