forensicstore

The forensicstore project can create, access and process forensic artifacts bundled in so called forensicstores (a database for forensic artifacts).

Example

func main() {
	// create forensicstore
	store, teardown, _ := forensicstore.New("example.forensicstore")
	defer teardown()

	// create a struct
	evidence := struct {
		Data string
		Type string
	}{Data: "secret", Type: "test"}

	// insert struct into forensicstore
	store.InsertStruct(evidence)

	// get element from forensicstore
	elements, _ := store.Search("secret")

	// access element's data
	fmt.Println(elements)
}

Contact

For feedback, questions and discussions you can use the Open Source DFIR Slack.

Name		Name	Last commit message	Last commit date
Latest commit History 123 Commits
.github		.github
cmd		cmd
copy		copy
docs		docs
goflatten		goflatten
replace/context		replace/context
sqlitefs		sqlitefs
test		test
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
concurrentMaps.go		concurrentMaps.go
concurrentMaps_test.go		concurrentMaps_test.go
elements.go		elements.go
elements_test.go		elements_test.go
example_test.go		example_test.go
go.mod		go.mod
go.sum		go.sum
schemavalidator.go		schemavalidator.go
schemavalidator_test.go		schemavalidator_test.go
schemavalidatordummy.go		schemavalidatordummy.go
store.go		store.go
store_dir_test.go		store_dir_test.go
store_test.go		store_test.go
util.go		util.go
util_test.go		util_test.go

License

forensicanalysis/forensicstore

Folders and files

Latest commit

History

Repository files navigation

forensicstore

Example

Contact

About

Resources

License

Stars

Watchers

Forks

Languages