I hereby claim:
- I am danzek on github.
- I am digital0day (https://keybase.io/digital0day) on keybase.
- I have a public key whose fingerprint is ED5F 14F3 C51F 9CC9 0C57 809B 3FC9 7A65 5B4A 6C98
To claim this, I am signing this object:
/* only works on NTFS: does not work for resident files (files within the $MFT) | |
* from http://www.rohitab.com/discuss/topic/24252-ntfs-directcopy-method-from-napalm/ | |
* retrieved on April 13, 2017 | |
* posted by user Napalm (http://www.rohitab.com/discuss/user/3860-napalm/) 09 April 2007 - 03:13 AM | |
DirectCopy v2.0 - by Napalm @ NetCore2K | |
------------------------------------ | |
Please try and read and understand this source code. You will learn something. | |
Sector = 512 Bytes of disk space |
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
""" | |
Expert Witness Format (EWF) Extension Helper | |
Provides generator methods that provide the next expected file extension for EWF and EWF 2 file formats. For instance: | |
* E01 | |
* E02 |
#!/usr/bin/python -tt | |
# -*- coding: utf-8 -*- | |
""" | |
Given the starting line number from the html output (and optional ending line number), parses Internet history | |
artifacts from a default EnCase 7 HTML report into a nicer looking table. Be sure to customize fields and field widths | |
as needed. | |
Copyright 2015, Dan O'Day (d@4n68r.com) | |
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE |
#!/usr/bin/env python | |
"""Cracks a gesture.key file (Android pattern lock), reverse-engineers the Android method of creating an unsalted SHA1 | |
hash value from the 3-9 digit pattern code (each digit consisting of 9 possible values: 0-8). | |
Note that Android > v2.33 requires minimum of four values, but three makes this work for old ones too. | |
The original Android source code for pattern locks: | |
/* |
#!/usr/bin/python | |
# | |
# pdtime = parse Droid time - Utility to parse Android Unix timestamps in csv files | |
# | |
# Given a csv file or list of csv files containing Android timestamps, create a "parsed" directory and | |
# output new csv files with timestamps parsed in human-readable format, with no timezone adjustments. | |
# Android timestamps should be stored in UTC/GMT, and are parsed as such. | |
# | |
# Sample timestamp: 1311341729264, Android has three extra numbers than regular UNIX timestamps, because | |
# it stores UNIX epoch in milliseconds. It must be divided by 1000 to make it a normal UNIX timestamp. |
# Extracts GPS coordinates from images in X-Ways Forensic software and creates a KML file plotting | |
# the location data that can be opened in Google Earth. | |
# | |
# Using public code for extracting GPS EXIF data from https://gist.github.com/moshekaplan/5330395 | |
# based on original code at https://gist.github.com/erans/983821 using PIL 1.1.7 library | |
# | |
# Copyright (c) 2013 Dan O'Day. All rights reserved. https://code.google.com/p/digital0day/ | |
# This software distributed under the Eclipse Public License 1.0 (EPL-1.0) | |
# http://www.opensource.org/licenses/EPL-1.0 | |
# |
I hereby claim:
To claim this, I am signing this object: