Welcome to EverybodyWiki 😃 ! Nuvola apps kgpg.png Log in or ➕👤 create an account to improve, watchlist or create an article like a 🏭 company page or a 👨👩 bio (yours ?)...

Selective file dumper

From EverybodyWiki Bios & Wiki

Selective File Dumper
Original author(s)Nanni Bassetti and Denis Frati
Stable release
1.5 / March 21, 2008
Written inBash (shell script)
    Operating systemLinux
    TypeComputer forensics
    LicenseGNU General Public License
    GNU Lesser General Public License

    Amazon.com Logo.png Search Selective file dumper on Amazon.

    Other articles of the topic Free software : Hardened Gentoo, Appaserver, Apache Isis, Boost Software License, MediaWiki, Zclassic, Packetsquare
    Some use of "" in your query was not closed by a matching "".Some use of "" in your query was not closed by a matching "".

    Selective File Dumper (SFDumper) is a free open source computer forensics tool, written by Nanni Bassetti and Denis Frati, for Linux systems.

    It is a Bash script which can retrieve all the files of a chosen type (e.g. .doc or .jpg), regardless if they are active, deleted or unallocated. It automatically runs Foremost for carving, and Sleuthkit for deleted files retrieval. It then eliminates duplicated files by comparing the SHA256 hashes of the carved files and the active and deleted files. Thanks to carving, files simply renamed to a different extension will be identified. Also, it is possible to expand the Foremost configuration file inside the script to add new extensions. Finally, it is possible to do a keyword search on the extracted files. The script can work on an image file or directly from a device.

    It is free software licensed under the terms of the GNU General Public License (GPL) and GNU Lesser General Public License (LGPL).


    • Linux OS
    • Sleuthkit
    • Foremost
    • Sha256deep
    • grep
    • awk
    • sed
    • dd

    Requirements for the GUI version[edit]

    • Zenity

    External links[edit]

    This article "Selective file dumper" is from Wikipedia. The list of its authors can be seen in its historical. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.