ntrprtr configurations for forensic analysis of bitlocker volumes
Project description
Description
ntrprtr configurations for forensic analysis of bitlocker volumes
Installation
pip install ntrprtr_bitlocker_forensics
Usage
Shell:
General
Option | Short | Type | Default | Description |
---|---|---|---|---|
--mode | -m | String | - | copy = Create a local copy of bitlocker forensics configuration files |
mode = copy
Option | Short | Type | Default | Description |
---|---|---|---|---|
--path | -p | String | "" | Path for local copy of ntrprtr configuration files |
Example
To use this configuration files install ntrprtr
and ntrprtr_bitlocker_forensics
:
pip install ntrprtr
pip install ntrprtr_bitlocker_forensics
To use the files, create a local copy:
python -m ntrprtr_bitlocker_forensics -m copy -p .
It creates the following structure:
./ntrprtr-bitlocker-config
├───bitlocker-metadata-header.json
├───bitlocker-volume-header.json
Now just use the config as input for ntrprtr
:
python -m ntrprtr -m interpret -p bitlocker-volume-header.bin -c ./ntrprtr-bitlocker-config/bitlocker-volume-header.json -r result.txt
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for ntrprtr_bitlocker_forensics-0.1.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c38172a845f9b45393225f2f8cf63aa59ac9142273290f4ba2719d919ea6914f |
|
MD5 | b838759dfcf1b8efd0f9b0475f208552 |
|
BLAKE2b-256 | 50e0c2403ee9e4ab9e627d9be96d738beba31f5c6e2eb118107ff8a79d5d9033 |
Close
Hashes for ntrprtr_bitlocker_forensics-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8b014492a0a18bbcd8451ec1edaab8d7f091b250c51f6baa796987f3f6aa7f45 |
|
MD5 | 461936a72931c9ea611050a23082f6c5 |
|
BLAKE2b-256 | 4bd9c4ee6d1fcfdfcaa59c7fd8fd1a78f09723a4e5646baa0fea824995824494 |