Project description

Description

ntrprtr configurations for forensic analysis of bitlocker volumes

pip install ntrprtr_bitlocker_forensics

Shell:

General

Option	Short	Type	Default	Description
--mode	-m	String	-	copy = Create a local copy of bitlocker forensics configuration files

mode = copy

Option	Short	Type	Default	Description
--path	-p	String	""	Path for local copy of ntrprtr configuration files

To use this configuration files install ntrprtr and ntrprtr_bitlocker_forensics:

pip install ntrprtr
pip install ntrprtr_bitlocker_forensics

To use the files, create a local copy:

python -m ntrprtr_bitlocker_forensics -m copy -p .

It creates the following structure:

./ntrprtr-bitlocker-config
â”œâ”€â”€â”€bitlocker-metadata-header.json
â”œâ”€â”€â”€bitlocker-volume-header.json

Now just use the config as input for ntrprtr:

python -m ntrprtr -m interpret -p bitlocker-volume-header.bin -c ./ntrprtr-bitlocker-config/bitlocker-volume-header.json -r result.txt

MIT

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

This version

0.1.0

Nov 1, 2022

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Uploaded Nov 1, 2022 Source

Uploaded Nov 1, 2022 Python 3

Hashes for ntrprtr_bitlocker_forensics-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`c38172a845f9b45393225f2f8cf63aa59ac9142273290f4ba2719d919ea6914f`
MD5	`b838759dfcf1b8efd0f9b0475f208552`
BLAKE2b-256	`50e0c2403ee9e4ab9e627d9be96d738beba31f5c6e2eb118107ff8a79d5d9033`

Hashes for ntrprtr_bitlocker_forensics-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`8b014492a0a18bbcd8451ec1edaab8d7f091b250c51f6baa796987f3f6aa7f45`
MD5	`461936a72931c9ea611050a23082f6c5`
BLAKE2b-256	`4bd9c4ee6d1fcfdfcaa59c7fd8fd1a78f09723a4e5646baa0fea824995824494`