-
Notifications
You must be signed in to change notification settings - Fork 24
Python bindings for The Sleuth Kit (libtsk)
License
py4n6/pytsk
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
pytsk is a Python binding for the SleuthKit. This is a Python binding against the libtsk (SleuthKit library). The aim is to make the binding reflect the TSK API as much as possible in capabilities, while at the same time having a nice Pythonic OO interface: 4.11.1: http://www.sleuthkit.org/sleuthkit/docs/api-docs/4.11.1/ WARNING: use pytsk at your own risk. libtsk is known to have many defects. For processing data from untrusted sources it is highly recommended to add additional security measures, such as a security sandbox. If downloaded pytsk using git you'll have to first run: python setup.py update If you want to use the latest version of Sleuthkit that is checked into git (also known as HEAD), instead of the currently supported version, you can run: python setup.py update --use-head To build the bindings just use the standard Python setuptools: python setup.py build python setup.py install At the top level of the source tree. The Python binding is autogenerated from the libtsk header files using a small OO C shim. This means that most of the fields in many of the structs are already available. We aim to provide most of the functionality using this shim (e.g. traversing and iterating over lists etc). The authoritative source of documentation is the library API linked above.
About
Python bindings for The Sleuth Kit (libtsk)
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published