brunnhilde icon indicating copy to clipboard operation
brunnhilde copied to clipboard

Published 20 hours ago verified publisher icon tw4l

Bulk_extractor options

Open nconnizzo-cosa opened this issue 8 months ago • 7 comments

Hi all-

Just wondering if it is possible to use some of the more advanced options of bulk_extractor when running Brunnhilde? (such as enabling/disabling scanners, including custom ones, using stop and alert lists, and so on)

Second question: does Brunnhilde run bulk_extractor on directories or only on disk images? My testing has shown that there are no BE outputs when run on an identical set of records packaged as an E01 versus as a nested directory, but I could be doing something wrong! (running Ubuntu 22.04, 64-bit)

Thanks so much for all your work on this tool!

nconnizzo-cosa avatar Nov 02 '23 13:11 nconnizzo-cosa