slackbuilds/system/bulk_extractor
Barry J. Grundy 83e6b72e7e system/bulk_extractor: Updated for version 1.5.5.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
2014-11-14 09:20:58 +07:00
README system/bulk_extractor: Updated for version 1.5.5. 2014-11-14 09:20:58 +07:00
bulk_extractor.SlackBuild system/bulk_extractor: Updated for version 1.5.5. 2014-11-14 09:20:58 +07:00
bulk_extractor.info system/bulk_extractor: Updated for version 1.5.5. 2014-11-14 09:20:58 +07:00
slack-desc various: Fix slack-desc formatting and comment nit picks. 2013-11-22 02:29:22 -05:00

README

bulk_extractor is a C++ program that scans a disk image, a file, or a directory
of files and extracts useful information without parsing the file system or 
file system structures. The results are stored in feature files that can be 
easily inspected, parsed, or processed with automated tools. bulk_extractor 
also creates histograms of features that it finds, as features that are more 
common tend to be more important.

bulk_extractor is distinguished from other forensic tools by its speed and
thoroughness.

Optional dependencies include libewf (recognized if installed), afflib
(recognized if installed), and liblightgrep.

To add optional liblightgrep support:

  LIGHTGREP_ENABLE=yes ./bulk_extractor.SlackBuild

NOTE:
  When running bulk_extractor with lightgrep, use
  "-x find -e lightgrep -F findlist.txt" in addition to regular options.