PyFlag Logo
   
Introduction
FAQ
Screenshots
 
Downloads
Download PyFlag
Standard Image Sets
Browse the Source
 
Documentation
User Manual
Tutorials
Developer Documentation
Papers and Articles
Presentations
 
Email Us
Support Mailing List
 
Thanks to Sourceforge for their support: SourceForge.net Logo
[Python Powered]
 
© 2004-2005
 
Print this page
  

Screenshots of PyFlag

PyFlag has a choice of 2 GUIs. There is a HTTPServer which is accessible via any browser over the network, and there is a GTK GUI application. The same functionality is available through both GUIs.

shot1.png

Browsing the Virtual Filesystem using the GTK GUI. Note the _deleted_ and _unallocated_ virtual directories providing access to the deleted files.

shot3.png

Browsing the VFS using the HTML interface. Note the email messages forming virtual files in the pst file. Virtual files were also created to represent the contents of the zip file attachments within the PST file.

shot2.png

Using the GTK GUI to examine statistics about a file.

shot4.png

The Hash comparison table comparing hash values to the NSRL. Note the filter conditions enforced on the table assisting the investigator in focusing on the important files.

shot5.png

The registry viewer showing a key in a registry file residing on a sample image. Note the last modified timestamp is shown.

View document source. Generated on: 2005-07-05 12:46 UTC. Generated by Docutils from reStructuredText source.