Simson L. Garfinkel
Simson L. Garfinkel
When processing nps-2010-emails, bulk_extractor misses two email addresses that are in PDF files (and were generated by Microsoft Word). Perhaps this is because the PDF text extractor is now missing...
The idea is to tack on these fields to the forensic path as URL query string parameters, e.g., ?re=foo&enc=UTF-8. We'd obviously need to work out the details about escaping, etc.,...
Scanners should be able to register magic numbers that they can handle. Then other scanners like `scan_xor` could look for the magic numbers and only xor when they find them......
It looks like https://github.com/simsong/dfxml/tree/facet_extraction has a few features that would be useful, but it doesn't have any test cases. This branch is 6 years old. We can fold it into...
Hi! Can you please update the [Makefile](https://github.com/simsong/dfxml/blob/master/Makefile) to indicate what `make schema-init` does and explain why it moves the git repo to a detached head state? ``` (base) simsong@nimi dfxml...
because we output HTML frequently, we could use the DFXML system to create program run metadata.
It will be neat to be able to generate metadata and provenance as python comments.
The reliability of Sleuthkit and the ease of accepting pull requests would be improved if there was increased support for unit tests and a code coverage analysis tool, such as...