Mobius Forensic Toolkit is a forensic framework written in C++ and Python/GTK that manages cases and case items, providing an abstract interface for the development of extensions. Data storage is done using both XML files and SQLite databases, for easy integration with other tools. Mobius Forensic Toolkit supports both imagefiles (raw, split, ewf, talon, solo, dossier) and physical devices as input sources.
INSTALLATION
./configure --with-libtsk=<SLEUTHKIT_DIR>
make
su -c 'make install'
<SLEUTHKIT_DIR> is the directory where sleuthkit has been installed.
Use
--without-sleuthkit to build the C++ API without support to the sleuthkit libraries.
USAGE
Run mobius_bin.py
SCREENSHOTS
- ICE (Integrated Case Environment):
 |
| Integrated Case Environment |
 |
| The Hive extension browsing registry's logical structure |
 |
| The Hive extension reports |
 |
| The Floppy Imager extension |
 |
| Creating a report template with Report Wizard |
 |
| Creating extensions with Extension Builder |
Reviewed by Anonymous
on
10:25 PM
Rating:
