Re: [Libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread Richard W.M. Jones
On Wed, Mar 02, 2016 at 11:26:08PM +0200, noxdafox wrote:
>
>
> On 02/03/16 18:24, Richard W.M. Jones wrote:
> >On Wed, Mar 02, 2016 at 05:59:32PM +0200, noxdafox wrote:
> >>One of the patches I'm talking about would add TSK (The Sleuth Kit)
> >>as a dependency within the appliance.
> >>
>

Re: [Libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread noxdafox
On 02/03/16 18:24, Richard W.M. Jones wrote:
On Wed, Mar 02, 2016 at 05:59:32PM +0200, noxdafox wrote:
One of the patches I'm talking about would add TSK (The Sleuth Kit) as a dependency within the appliance.
This would bring new APIs such as:
'fls' more powerful 'ls' command allowing to

Re: [Libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread Richard W.M. Jones
On Wed, Mar 02, 2016 at 05:59:32PM +0200, noxdafox wrote:
> One of the patches I'm talking about would add TSK (The Sleuth Kit)
> as a dependency within the appliance.
>
> This would bring new APIs such as:
> 'fls' more powerful 'ls' command allowing to get list of deleted
> files or timelines

Re: [Libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread noxdafox
On 02/03/16 17:53, Richard W.M. Jones wrote:
On Wed, Mar 02, 2016 at 05:47:40PM +0200, noxdafox wrote:
Greetings,
I am playing around with the idea of using libguestfs as a forensic tool to investigate VM disk images.
Some use cases as example:
* Sandbox for malware analysis.
* Incident

Re: [Libguestfs] [libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread Richard W.M. Jones
On Wed, Mar 02, 2016 at 05:47:40PM +0200, noxdafox wrote:
> Greetings,
>
> I am playing around with the idea of using libguestfs as a forensic
> tool to investigate VM disk images.
>
> Some use cases as example:
> * Sandbox for malware analysis.
> * Incident response in cloud environments.
>

[Libguestfs] [libguestfs] Libguestfs as filesystem forensic tool

2016-03-02 Thread noxdafox
Greetings,
I am playing around with the idea of using libguestfs as a forensic tool to investigate VM disk images.
Some use cases as example:
* Sandbox for malware analysis.
* Incident response in cloud environments.
Libguestfs is a precious resource in this case as it allows to abstract