Skip to content
/ go-tsk Public

Go bindings for The Sleuth Kit forensic library

License

MIT license
8 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jdrowell/go-tsk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
busytsk
busytsk
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
base.go
base.go
 
 
fs.go
fs.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
img.go
img.go
 
 
vs.go
vs.go
 
 
wrapper.c
wrapper.c
 
 
wrapper.h
wrapper.h
 
 

Repository files navigation

go-tsk

Go bindings for The Sleuth Kit forensic library

What is Working

  • disk images (open, properties)
  • volume systems (open, properties)
  • partitions (open, properties)
  • filesystems (open, properties, walk)
  • files (copy)
  • error handling

How to Use

Check the busytsk folder for examples.

Dependencies

These bindings are up to date with version 4.12.0 of sleuthkit. You must have sleuthkit-dev installed to be able to link your binary. Also, make sure NOT to have something like CGO_ENABLED=0 in your environment.

Building

You can build the demo utility by entering the busytsk folder and running go build.

Documentation

I'm slowly adding documentation in go doc format. Just use that command to explore it.

About

Go bindings for The Sleuth Kit forensic library

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages