DFTimewolf
#Incident Management#Digital Forensics
Tool for parsing NTFS journal files, $Logfile, and $MFT.
DFTimewolf: A Framework for Forensic Data Management
DFTimewolf is a framework designed to facilitate the orchestration of forensic collection, processing, and data export.
It consists of collectors, processors, and exporters (modules) that interact with each other
It consists of collectors, processors, and exporters (modules) that transfer data among themselves.
The orchestration of modules is defined in predefined 'recipes'
The orchestration of modules is specified in predefined 'recipes'. The documentation for this process is available on GitHub pages.