SlideShare uma empresa Scribd logo
1 de 9
Baixar para ler offline
Foremost
Foremost is a Linux based program data for recovering deleted files . The program uses a
configuration file to specify headers and footers to search for. Intended to be run on disk images,
foremost can search through most any kind of data without worrying about the format.
Below are the screen shots

Fig. Foremost help options
Fig. Foremost Manual and the format types it can recover
Fig. Checks for the HD partitions
Fig. Foremost Usage
Usage: foremost -t [type of files want to recover] –o [output dir] –I [input file(disk img/partition)]
Fig. The output file is generated on the desktop “ntfsoutput”
Fig. Recovered JPG files from the HD partition /dev/sda1
Fig. Recovered PNG files from the HD partition /dev/sda1

Fig. Audit.txt contains the Report of foremost
DCFLDD
Dcfldd is a tool designed to acquire images. Dcfldd was designed to be an open sources
computer forensic tool that would improve some of the shortcomings of the dd application.
When the hashwindows=0 option is specified, the dcfldd will calculate the md5sum while the
data is being copied, this options eliminate the extra step of having to use md5sum afterward to
calculate the md5sum of the bitstream copy. This can save a lot of time as hashing the drive with
md5sum can take a while. Another feature of the dcfldd command is the status bar, this is an
important feature as it indicates how long the process it’s going to take.
#fdisk –l
/dev/sda1  HD partition
/dev/sdb1 -> External HD
#mkdir /mnt/pdrive (make dir in the /mnt to mount the external HD)
#mount /dev/sdb1 /mnt/data (mounting the external HD )
#md5sum /dev/sda1 > /mnt/pdrive/md5hash1.txt ( Taking the hash value of sda1)
Now comes to acquire the image of the /dev/sda1 partition in the external HD using DCFLDD
tool
#dcfldd if=/dev/sda1 of=/mnt/pdrive/image.dd hashlog=/mnt/pdrive/md5hash2.txt
Above if represent “input file”
Of represent “output file”
Hashlog , by default is the Md5hash
Fig. Dcflff acquires the image of /dev/sda1 in the external HD /mnt/pdrive
Now check the both the hash values Md5hash1.txt and Md5hash2.txt in the /mnt/pdrive , it
should be the same.

Mais conteúdo relacionado

Destaque

How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?Pankaj Rane
 
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...Nagios
 
Samba server configuration
Samba server configurationSamba server configuration
Samba server configurationThamizharasan P
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7VCP Muthukrishna
 
How To Create EBS Snapshot and Restore EBS Snapshot – Linux Instance
How To Create EBS Snapshot and Restore EBS Snapshot – Linux InstanceHow To Create EBS Snapshot and Restore EBS Snapshot – Linux Instance
How To Create EBS Snapshot and Restore EBS Snapshot – Linux InstanceVCP Muthukrishna
 
Déploiement ELK en conditions réelles
Déploiement ELK en conditions réellesDéploiement ELK en conditions réelles
Déploiement ELK en conditions réellesGeoffroy Arnoud
 
How To Install and Configure SUDO on RHEL 7
How To Install and Configure SUDO on RHEL 7How To Install and Configure SUDO on RHEL 7
How To Install and Configure SUDO on RHEL 7VCP Muthukrishna
 
How to Troubleshoot SELinux Audit2Allow unable to open (null)
How to Troubleshoot SELinux Audit2Allow unable to open (null)How to Troubleshoot SELinux Audit2Allow unable to open (null)
How to Troubleshoot SELinux Audit2Allow unable to open (null)VCP Muthukrishna
 
How To Install and Configure AWS CLI for Windows
How To Install and Configure AWS CLI for WindowsHow To Install and Configure AWS CLI for Windows
How To Install and Configure AWS CLI for WindowsVCP Muthukrishna
 
LSOF Command Usage on RHEL 7
LSOF Command Usage on RHEL 7LSOF Command Usage on RHEL 7
LSOF Command Usage on RHEL 7VCP Muthukrishna
 

Destaque (12)

How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?
 
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...
Nagios Conference 2013 - Sam Lansing - Getting Started With Nagios XI, Core, ...
 
Samba server configuration
Samba server configurationSamba server configuration
Samba server configuration
 
How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7How To Install OpenFire in CentOS 7
How To Install OpenFire in CentOS 7
 
Samba4 Introduction
Samba4 IntroductionSamba4 Introduction
Samba4 Introduction
 
How To Create EBS Snapshot and Restore EBS Snapshot – Linux Instance
How To Create EBS Snapshot and Restore EBS Snapshot – Linux InstanceHow To Create EBS Snapshot and Restore EBS Snapshot – Linux Instance
How To Create EBS Snapshot and Restore EBS Snapshot – Linux Instance
 
Déploiement ELK en conditions réelles
Déploiement ELK en conditions réellesDéploiement ELK en conditions réelles
Déploiement ELK en conditions réelles
 
How To Install and Configure SUDO on RHEL 7
How To Install and Configure SUDO on RHEL 7How To Install and Configure SUDO on RHEL 7
How To Install and Configure SUDO on RHEL 7
 
How to Troubleshoot SELinux Audit2Allow unable to open (null)
How to Troubleshoot SELinux Audit2Allow unable to open (null)How to Troubleshoot SELinux Audit2Allow unable to open (null)
How to Troubleshoot SELinux Audit2Allow unable to open (null)
 
How To Install and Configure AWS CLI for Windows
How To Install and Configure AWS CLI for WindowsHow To Install and Configure AWS CLI for Windows
How To Install and Configure AWS CLI for Windows
 
LSOF Command Usage on RHEL 7
LSOF Command Usage on RHEL 7LSOF Command Usage on RHEL 7
LSOF Command Usage on RHEL 7
 
How To List YUM Packages
How To List YUM PackagesHow To List YUM Packages
How To List YUM Packages
 

Último

Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 

Último (20)

Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 

Foremost is a Linux based tool for recovering deleted files

  • 1. Foremost Foremost is a Linux based program data for recovering deleted files . The program uses a configuration file to specify headers and footers to search for. Intended to be run on disk images, foremost can search through most any kind of data without worrying about the format. Below are the screen shots Fig. Foremost help options
  • 2. Fig. Foremost Manual and the format types it can recover
  • 3. Fig. Checks for the HD partitions
  • 4. Fig. Foremost Usage Usage: foremost -t [type of files want to recover] –o [output dir] –I [input file(disk img/partition)]
  • 5. Fig. The output file is generated on the desktop “ntfsoutput”
  • 6. Fig. Recovered JPG files from the HD partition /dev/sda1
  • 7. Fig. Recovered PNG files from the HD partition /dev/sda1 Fig. Audit.txt contains the Report of foremost
  • 8. DCFLDD Dcfldd is a tool designed to acquire images. Dcfldd was designed to be an open sources computer forensic tool that would improve some of the shortcomings of the dd application. When the hashwindows=0 option is specified, the dcfldd will calculate the md5sum while the data is being copied, this options eliminate the extra step of having to use md5sum afterward to calculate the md5sum of the bitstream copy. This can save a lot of time as hashing the drive with md5sum can take a while. Another feature of the dcfldd command is the status bar, this is an important feature as it indicates how long the process it’s going to take. #fdisk –l /dev/sda1  HD partition /dev/sdb1 -> External HD #mkdir /mnt/pdrive (make dir in the /mnt to mount the external HD) #mount /dev/sdb1 /mnt/data (mounting the external HD ) #md5sum /dev/sda1 > /mnt/pdrive/md5hash1.txt ( Taking the hash value of sda1) Now comes to acquire the image of the /dev/sda1 partition in the external HD using DCFLDD tool #dcfldd if=/dev/sda1 of=/mnt/pdrive/image.dd hashlog=/mnt/pdrive/md5hash2.txt Above if represent “input file” Of represent “output file” Hashlog , by default is the Md5hash
  • 9. Fig. Dcflff acquires the image of /dev/sda1 in the external HD /mnt/pdrive Now check the both the hash values Md5hash1.txt and Md5hash2.txt in the /mnt/pdrive , it should be the same.