Chapter 3

Our First Python Forensics App

Abstract

This chapter contains the first in a series of cookbook examples, which is about file system hashing. I will take a deep dive into the development of a Python forensic application along with the considerations necessary to build quality forensic tools.

I will examine several one-way cryptographic algorithms and use them to perform file system hashing. I have exclusively utilized the Python Standard Library and my own innovation to create a fully functional program that runs both on Windows and Linux platforms. I also utilize and explain the argparse, csv, logging, and os.walk modules and use them as key elements of this first Python Forensic application.

Keywords

One-way hashing

sha256

sha512 ...

Get Python Forensics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.