efetch

Category: Python programming
Development tool: HTML
File size: 0KB
Downloads: 0
Upload date: 2020-04-11 20:12:14
Uploader: sh-1993
Description: Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.

File list:
Dockerfile (3689, 2020-04-11)
LICENSE (11347, 2020-04-11)
MANIFEST.in (246, 2020-04-11)
dfvfs.requirements.txt (511, 2020-04-11)
efetch (2936, 2020-04-11)
efetch_plugins.yml (11653, 2020-04-11)
efetch_server/ (0, 2020-04-11)
efetch_server/__init__.py (0, 2020-04-11)
efetch_server/efetch_app.py (4666, 2020-04-11)
efetch_server/plugins/ (0, 2020-04-11)
efetch_server/plugins/core/ (0, 2020-04-11)
efetch_server/plugins/core/analyze/ (0, 2020-04-11)
efetch_server/plugins/core/analyze/analyze.py (3330, 2020-04-11)
efetch_server/plugins/core/analyze/analyze.yapsy-plugin (206, 2020-04-11)
efetch_server/plugins/core/directory/ (0, 2020-04-11)
efetch_server/plugins/core/directory/directory.py (10605, 2020-04-11)
efetch_server/plugins/core/directory/directory.yapsy-plugin (193, 2020-04-11)
efetch_server/plugins/core/download/ (0, 2020-04-11)
efetch_server/plugins/core/download/download.py (1138, 2020-04-11)
efetch_server/plugins/core/download/download.yapsy-plugin (183, 2020-04-11)
efetch_server/plugins/core/overview/ (0, 2020-04-11)
efetch_server/plugins/core/overview/overview.py (2091, 2020-04-11)
efetch_server/plugins/core/overview/overview.yapsy-plugin (215, 2020-04-11)
efetch_server/plugins/core/preview/ (0, 2020-04-11)
efetch_server/plugins/core/preview/preview.py (1840, 2020-04-11)
efetch_server/plugins/core/preview/preview.yapsy-plugin (180, 2020-04-11)
efetch_server/plugins/core/thumbnail/ (0, 2020-04-11)
efetch_server/plugins/core/thumbnail/thumbnail.py (1117, 2020-04-11)
efetch_server/plugins/core/thumbnail/thumbnail.yapsy-plugin (218, 2020-04-11)
efetch_server/plugins/fa_action/ (0, 2020-04-11)
efetch_server/plugins/fa_action/action_template.html (7970, 2020-04-11)
efetch_server/plugins/fa_action/fa_action.py (2493, 2020-04-11)
efetch_server/plugins/fa_action/fa_action.yapsy-plugin (245, 2020-04-11)
efetch_server/plugins/fa_action/fa_action_ajax.py (8991, 2020-04-11)
efetch_server/plugins/fa_action/fa_action_ajax.yapsy-plugin (237, 2020-04-11)
efetch_server/plugins/fa_attach/ (0, 2020-04-11)
efetch_server/plugins/fa_attach/fa_attach.py (4665, 2020-04-11)
... ...

# efetch

Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer. Efetch supports viewing hundreds of file types including office, registry, PST, image, and SQLite files. Efetch supports navigating RAW, E01, ZIP, GZ, TAR, VMDK, VHD, QCOW, and BZ2 files thanks to dfVFS.

# Docker

The fastest way to get started with Efetch is using Docker. Download efetch and cd to its directory. Then create the Docker image:

```
docker build -t efetch -f Dockerfile .
```

Then run the Docker container in a directory with your evidence:

```
docker run -p 8080:8080 -v "$(pwd):$(pwd)" -w "$(pwd)" efetch efetch --address=0.0.0.0 --defaultpath="$(pwd)"
```

Finally, go to http://localhost:8080 in a web browser.

# Install

Below is a list of dependencies for **efetch**:

* python
* plaso
* setuptools (>=28.5.0)
* pip
* libpff
* zlib
* libjpeg
* libtiff

On Ubuntu 16.04 these packages can be installed using the following commands:

```bash
sudo add-apt-repository -y ppa:gift/stable
sudo add-apt-repository -y ppa:sift/stable
sudo apt-get update
sudo apt-get install -y python-plaso python-dev python-setuptools unoconv libpff libpff-python zlib1g-dev libjpeg-dev libtiff5-dev python-pip
sudo pip install setuptools -U
```

Once these dependencies are met, efetch can be installed using the Python setup tools. Download the **efetch** repository and run setup.py:

```bash
sudo python setup.py install
```

# Usage

After installation, run the command **efetch** in the terminal and navigate to **localhost:8080** in a browser. From the home page, either browse your local file system directly using the **browse** option or enter a **pathspec**. Evidence can be navigated by simply clicking the file name or icon.

![alt tag](https://cloud.githubusercontent.com/assets/13810976/19585127/e1bb1e08-9717-11e6-8fcf-069be4b4957c.gif)

The **efetch** command supports the following arguments:

```
usage: efetch [-h] [-d] [-v] [-a ADDRESS] [-p PORT] [-e ELASTIC] [-c CACHE]
              [-m MAXFILESIZE] [-u DEFAULTPATH] [-f PLUGINSFILE]

optional arguments:
  -h, --help            show this help message and exit
  -d, --debug           Displays debug messages
  -v, --version         Prints Efetch version
  -a ADDRESS, --address ADDRESS
                        IP address for the Efetch server
  -p PORT, --port PORT  Port for the Efetch server
  -e ELASTIC, --elastic ELASTIC
                        Elasticsearch URL, i.e. localhost:9200
  -c CACHE, --cache CACHE
                        Directory to store cached files
  -m MAXFILESIZE, --maxfilesize MAXFILESIZE
                        Max file size to cache in Megabytes, default 1GB
  -u DEFAULTPATH, --defaultpath DEFAULTPATH
                        Default path used by the home page
  -f PLUGINSFILE, --pluginsfile PLUGINSFILE
                        Path to the plugins config file
```

# Plugins

Efetch can be easily extended with simple plugins by editing the `/etc/efetch_plugin.yml` file. Efetch automatically detects any changes to the plugin file. Below is an example of a ClamAV efetch plugin:

```
clamscan:
  name: Clam Scan
  command: "clamscan '{{ file_cache_path }}'"
```

Additionally, efetch supports more advanced Python plugins. These plugins can be created using the `scripts/create_plugin.py` script. For more information see https://github.com/maurermj08/efetch/wiki/Create-Plugin.

# Note

Efetch is in Beta and really needs the community's support, so please post any bugs. As far as this project is concerned, there is no such thing as a bad bug report. For more information about efetch please see: https://github.com/maurermj08/efetch/wiki
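
The plugin entry shown under Plugins puts a file path into a command line through the `{{ file_cache_path }}` placeholder. How efetch itself expands and runs that command is not described on this page; the following is an added example (not efetch's code) of checking such an entry and expanding its template into an argument list, so that a cached path containing spaces or quotes stays a single argument. The names `check_plugin` and `render_argv` and the sample path are assumptions made for the illustration.

```python
import re
import shlex

# Matches a template placeholder such as {{ file_cache_path }}.
PLACEHOLDER = re.compile(r"\{\{\s*(\w+)\s*\}\}")

# Constructed sample: the clamscan entry above as a YAML loader would return it.
PLUGINS = {
    "clamscan": {"name": "Clam Scan",
                 "command": "clamscan '{{ file_cache_path }}'"},
}


def check_plugin(entry, known=("file_cache_path",)):
    """Return a list of problems found in one plugin entry."""
    problems = [f"missing key: {k}" for k in ("name", "command")
                if not entry.get(k)]
    for key in PLACEHOLDER.findall(entry.get("command", "")):
        if key not in known:
            problems.append(f"unknown placeholder: {key}")
    return problems


def render_argv(template, values):
    """Expand a command template into an argv list for use without a shell."""
    # Swap each placeholder for a whitespace-free marker, tokenise the template,
    # then fill in values per token: a value can never split or add arguments.
    marked = PLACEHOLDER.sub(lambda m: f"\x00{m.group(1)}\x00", template)
    argv = []
    for token in shlex.split(marked):
        argv.append(re.sub(r"\x00(\w+)\x00",
                           lambda m: values[m.group(1)], token))
    return argv


if __name__ == "__main__":
    # Constructed cache path containing a space and a single quote.
    path = "/tmp/cache/o'brien report.doc"
    for plugin_id, entry in PLUGINS.items():
        argv = render_argv(entry["command"], {"file_cache_path": path})
        print(plugin_id, check_plugin(entry), argv)
```

The resulting list can be passed to `subprocess.run(argv)` without `shell=True`, which keeps the path out of any shell parsing.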
