|
Welcome to the home page for the odessa project
What is odessa? It's an acronym for "Open Digital Evidence Search and Seizure Architecture"
The intent of this project is to provide a completely open and extensible suite of tools for
performing digital evidence analysis as well as a means of generating a usable report detailing
the analysis and any findings. The odessa tool suite currently represents more than 7 man years
of labor, and consists of 3 highly modular
cross-platform tools for the acquisition, analysis, and documentation of digital evidence.
In addition to the odessa tool suite, the project hosts other applications and information
related to digital forensics. At this time, the list of additional tools includes a set of whitepapers and
utilities authored by Keith J. Jones including Galleta, a tool for analyzing Internet Explorer cookies, Pasco, a tool for
analyzing the Microsoft Windows index.dat file, and Rifiuti, a tool for investigating the Microsoft Windows
recycle bin info2 file.
|
|
Open Data Duplicator released
Posted by: jon |
| Open Data Duplicator has been released, and the source is
now available for download from the odessa project page. ODD consists of three components. The
first is a set of custom Linux boot disks, originally based on the Trinux security distribution, that
allow an investigator to boot an Intel, PPC, or Sparc based computer system into a trusted enviornment.
The other components are a client and server application used to copy the contents of a file
(or device) from one location to another, generally used to make a bit-image or forensic copy of
a device. ODD supports both local or remote transfers over a network.
ODD supports the use of plugins, which are dynamically loaded at runtime and
allows examination of the data (keyword search, hash, etc.) concurrent to the data transfer. At this
time, only the source for the client and server applications has been posted. We are currently readying
the release of the Linux boot disks and a binary ODD package, but no timetable has been set. |
|
odessa lives!
Posted by: jon |
| The openforensics.org and odessa homepages have been updated, and
the first of the three software applications (open data duplicator) is expected to be uploaded this weekend. |
|
|
|
| OPEN SOURCE LINKS: |
|
|
| FORENSICS LINKS: |
|
|
|
|