Jjk422 edited this page Jan 24, 2017 · 3 revisions

Welcome to the ForGen wiki!

ForGen overview

ForGen overview

Usage

Getting started

Getting started
Command line arguments

Cases

ForGen Cases

Development guides

Module development

Module development overview

Module licensing

Module licensing - How to avoid precarious situations

Schemas

ForGen Schemas - What are they and how do they relate to forgen_metadata.xml and case files

Module types

ForGen module types

Current main ForGen module types include:

  • Base
  • Evidence
  • Forensic
  • Software

Other module types are:

  • Build
  • Cleanup

Base

Base modules tell ForGen where to look for an ISO file to build from. The XML file is named forgen_metadata.xml and has a certain syntax that is checked by the schema base.xsd. An example of the base directory is below:

/base
  /windows
    /windows_server_2008_r2
      /forgen_metadata.xml
  /linux
    /ubuntu_16.04
      /forgen_metadata.xml

Evidence

Evidence modules place files with variable information onto the system at a certain location. They consist of an XML file named forgen_metadata.xml that contains the module's metadata, as well as module-dependent code. An example of the evidence directory is below:

/evidence
  /fraud
    /business_invoice_1
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
        /invoice.erb
      /forgen_metadata.xml
  /assault
    /confession_1
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
        /confession.erb
      /forgen_metadata.xml

Forensic

Forensic modules perform forensically important functions. Examples are registry manipulation or timestamp modification. They consist of an XML file named forgen_metadata.xml that contains the module's metadata. An example of the forensic directory is below:

/forensic
  /registry
    /custom_key
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
      /forgen_metadata.xml
  /timestamp
    /change_timestamp
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
      /forgen_metadata.xml

Software

Software modules install software onto the system. They consist of an XML file named forgen_metadata.xml that contains the module's metadata. An example of the software directory is below:

/software
  /internet_browser
    /chrome
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
      /forgen_metadata.xml
  /languages
    /python
      /examples
      /facts.d
      /files
      /lib
      /manifests
        /init.pp
      /spec
      /templates
      /forgen_metadata.xml

Build

Build modules are performed before all other modules. Build modules ensure all dependencies are present. They consist of an XML file named forgen_metadata.xml that contains the module's metadata. An example of the build directory is below:

/build
  /puppet
    /chocolatey
      /forgen_metadata.xml
  /shell
    /update
      /forgen_metadata.xml

Cleanup

Cleanup modules contain modules that will be performed before all other modules. Cleanup modules ensure no dependencies are left on the final image or VM. They consist of an XML file named forgen_metadata.xml that contains the module's metadata. An example of the cleanup directory is below:

/cleanup
  /puppet
    /chocolatey
      /forgen_metadata.xml
  /shell
    /remove_logs
      /forgen_metadata.xml
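
A layout check for the module trees shown above, written as an added example (it is not part of ForGen). It assumes every module sits at type/category/module under a root directory you pass in, and that evidence, forensic and software modules need manifests/init.pp because the examples on this page show one; the function name is hypothetical.

```ruby
# Layout taken from the directory examples on this page:
#   <root>/<type>/<category>/<module>/forgen_metadata.xml
METADATA_FILE = 'forgen_metadata.xml'
MODULE_TYPES  = %w[base evidence forensic software build cleanup].freeze
# Assumption: types whose examples show manifests/init.pp require that file.
PUPPET_TYPES  = %w[evidence forensic software].freeze

# Returns an array of problem strings; an empty array means the tree is clean.
def check_module_tree(root)
  problems = []
  MODULE_TYPES.each do |type|
    type_dir = File.join(root, type)
    next unless File.directory?(type_dir)

    # Depth is fixed at type/category/module, so glob exactly two levels down.
    Dir.glob(File.join(type_dir, '*', '*')).sort.each do |mod_dir|
      next unless File.directory?(mod_dir)

      rel = mod_dir.split(File::SEPARATOR).last(3).join('/')

      unless File.file?(File.join(mod_dir, METADATA_FILE))
        # Report near-miss names so a misspelled metadata file is easy to spot.
        near = Dir.children(mod_dir).grep(/\Aforgen_.*\.xml\z/i).sort
        hint = near.empty? ? '' : " (found #{near.join(', ')})"
        problems << "#{rel}: missing #{METADATA_FILE}#{hint}"
      end

      if PUPPET_TYPES.include?(type) &&
         !File.file?(File.join(mod_dir, 'manifests', 'init.pp'))
        problems << "#{rel}: missing manifests/init.pp"
      end
    end
  end
  problems
end

# Command-line use: ruby check_modules.rb <root>  (script name is hypothetical)
if __FILE__ == $PROGRAM_NAME && ARGV[0]
  problems = check_module_tree(ARGV[0])
  problems.each { |line| warn line }
  exit 1 unless problems.empty?
end
```

The check only confirms that the files exist; validating the contents of forgen_metadata.xml is the job of the schemas.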

ForGen core dependencies

Languages

  • Ruby
  • Puppet
  • JSON
  • XML

Programs

  • Packer
  • Vagrant
  • Facter

Ruby Gems

getoptlong
fileutils
erb
nokogiri
nori
Librarian-puppet

Git development guides

Git workflow guide