GitHub

filedriller

IMPORTANT NOTE: filedriller is deprecated and will be EOL'd. Please check out the successor FileTrove https://github.com/steffenfritz/FileTrove and https://filetrove.fritz.wtf

filedriller walks a directory tree and identifies all regular files by type with siegfried. Furthermore it creates UUIDv4s, hash sums (md5, sha1, sha256, sha512 or blake2b-512) and filedriller can check if the file is in the NSRL.

The NSRL check expects a Redis server that serves NSRL SHA-1 hashes. You can use my docker image

iPres paper 2021: University of Vienna

Status

v1.0-BETA

For issues see the issue tab.

Installation

Binary release

Download the file for your platform and execute it on the command line. The executables are named friller.

Note: If the build badge above is green and says passing, it is a good idea to install from source.

or

From source

 go get github.com/steffenfritz/filedriller/cmd/friller

then

Download signature file
```
friller -download
```

Optional NSRL:

 - docker pull ampoffcom/nslredis:122022

 - docker images

 - docker run -p 6379:6379 $IMAGEID

When you pass the -redisserv flag, friller sends a SHA-1 hash to the specified server.

Usage Examples

Fetch the pronom.sig file
```
 friller --download
```
Without Redis / NSRL
```
 friller --in SOMEDIRECTORY
```

With Redis / NSRL

 friller --in SOMEDIRECTORY --redisserv localhost

With alternate output file

 friller --in SOMEDIRECTORY -output foo.csv

asciinema recording: https://asciinema.org/a/ZPAW3ovkYNR4flK5C5wmi2GAA

Output

The output is written to a CSV file. Schema of the file:

Filename, SizeInByte, Registry, PUID, Name, Version, MIME, ByteMatch, IdentificationNote, 
Hash Name, UUID, AccessTime, ModTime, ChangeTime, BirthTime inNSRL, Entropy

Flags

Usage of ./friller:

--download, -d

	Download siegfried's signature file

--entropy, -e

	Calculate the entropy of files. Limited to file sizes up to 1GB

--errlog, -w

    Error log file (default "errorlogs.txt")

--hash, -h string

	The hash algorithm to use: md5, sha1, sha256, sha512, blake2b-512 (default "sha256")

--in, -i string

	Root directory to work on

--log, -l string

     Log file (default "logs.txt")

--output, -o string

	Output file (default "info.csv")

--redisport, -s string

	Redis port number for a NSRL database (default "6379")

--redisserv, -p string

	Redis server address for a NSRL database

--version, -v

	Print version and build info

Name		Name	Last commit message	Last commit date
Latest commit History 147 Commits
.github/ISSUE_TEMPLATE		.github/ISSUE_TEMPLATE
cmd/friller		cmd/friller
testdata		testdata
third_party		third_party
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
download.go		download.go
download_test.go		download_test.go
entropy.go		entropy.go
entropy_test.go		entropy_test.go
err.go		err.go
friller.1		friller.1
go.mod		go.mod
go.sum		go.sum
hash.go		hash.go
hash_test.go		hash_test.go
logger.go		logger.go
output.go		output.go
process.go		process.go
process_bench.go		process_bench.go
process_test.go		process_test.go
redis.go		redis.go
siegfried.go		siegfried.go
types.go		types.go
uuid.go		uuid.go
uuid_test.go		uuid_test.go

License

steffenfritz/filedriller

Folders and files

Latest commit

History

Repository files navigation

filedriller

Status

Installation

Usage Examples

Output

Flags

About

Topics

Resources

License

Stars

Watchers

Forks

Languages