14 lines
611 B
Plaintext
14 lines
611 B
Plaintext
bulk_extractor is a C++ program that scans a disk image, a file, or
|
|
a directory of files and extracts useful information without parsing
|
|
the file system or file system structures. The results are stored in
|
|
feature files that can be easily inspected, parsed, or processed with
|
|
automated tools. bulk_extractor also creates histograms of features
|
|
that it finds, as features that are more common tend to be more
|
|
important.
|
|
|
|
bulk_extractor is distinguished from other forensic tools by its speed
|
|
and thoroughness.
|
|
|
|
Optional dependencies include libewf (recognized if installed) and
|
|
afflib (recognized if installed).
|