Difference between revisions of "Forensic: FOREMOST file recovery"

Latest revision as of 20:13, 9 July 2021

Sumber: https://tools.kali.org/forensics/foremost

Foremost is a forensic program to recover lost files based on their headers, footers, and internal data structures. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery.

Instal

apt install foremost

Penggunaan

foremost -h

foremost -t doc,jpg,pdf,xls -i image.dd
Processing: image.dd
|*|

ls output/
audit.txt  jpg  pdf

@@ Line 3: / Line 3: @@
 Foremost is a forensic program to recover lost files based on their headers, footers, and internal data structures. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery.
+==Instal==
+ apt install foremost
 ==Penggunaan==

Difference between revisions of "Forensic: FOREMOST file recovery"

Latest revision as of 20:13, 9 July 2021

Instal

Penggunaan

Navigation menu

Search