Abstract

This chapter contains the first in a series of cookbook examples, which is about file system hashing. I will take a deep dive into the development of a Python forensic application along with the considerations necessary to build quality forensic tools.

I will examine several one-way cryptographic algorithms and use them to perform file system hashing. I have exclusively utilized the Python Standard Library and my own innovation to create a fully functional program that runs both on Windows and Linux platforms. I also utilize and explain the argparse, csv, logging, and os.walk modules and use them as key elements of this first Python Forensic application.