Chapter 3

Our First Python Forensics App

Abstract

This chapter contains the first in a series of cookbook examples, which is about file system hashing. I will take a deep dive into the development of a Python forensic application along with the considerations necessary to build quality forensic tools.

I will examine several one-way cryptographic algorithms and use them to perform file system hashing. I have exclusively utilized the Python Standard Library and my own innovation to create a fully functional program that runs both on Windows and Linux platforms. I also utilize and explain the argparse, csv, logging, and os.walk modules and use them as key elements of this first Python Forensic application.

Keywords

One-way hashing

sha256

sha512 ...

Get Python Forensics now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.