A DFVFS Backed Forensic Viewer
Python
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
icons
libpv
licenses
resources
.gitignore
ExtractionDialog.py
LICENSE
LogicalVolumeDialog.py
MainFrame.py
PancakeViewer.wxg
README.md
pancakeViewerApp-win32-custom.spec
pancakeViewerApp.py

README.md

Pancake Viewer

A DFVFS backed viewer project with a WxPython GUI.

Feedback, suggestions, help... its all welcome. With the right teamwork, we could make this a neat tool.

Dependencies

Future Functionality

First priority is to allow extraction of files. Other short term priorities include:

  • Plugin viewer system to allow for better viewing of specific file types (mainly utilizing libyal):
    • Plists
    • Events (Evt,Evtx)
    • USN
    • etc

Foreseen Shortcomings

Currently not sure how to implement a method for viewing objects (files, volumes, disk) in hex. I will soon remove the hex pane. I could always use help with this project and this is one of many areas that is beyond me. Because volumes, disk, and files can be very large in size, I dont think it would work to read the file to the hex pane. I believe what needs to be done is attach to the scroll and read sections of the I/O object that corresponds to viewer position. Not sure how to implement such a system.

Example view

Viewing VSS Extraction Options Extraction Results

More Talk

Forensic Lunch - 20160715

Pancake Talk on the Forensic Lunch