Menu

Drive Digest

We’ve been quietly developing digital forensics tools and forensic software to assist in our analysis for almost 10 years, and until recently, all of that source code has been sitting around and collecting dust.  As time permits, we will be dusting it off, adding some updates, and releasing some of it to the public.

Think of it as our way of saying thank you to everyone who has written articles, published research, or contributed software/code to the forensic community.

These utilities are provided “as-is” and are free for both personal and commercial use. As with any software, including ours, you should always independently validate your findings.  Oh, and if you find any of our utilities useful, feel free to drop by @chadgough or @4Discovery on Twitter and say thanks. Bug reports and feature requests are always welcome!

Drive Digest

Analysis, Categorization, and Reporting on Documents

Drive Digest was created to automate the numerous requests we received to summarize the contents of a hard drive or document collection.

File Analysis:

  • MD5 and SHA1 hashing
  • List files inside of archives
  • Supports scanning paths longer than 255 characters
  • Lists filesystem dates and times for easy filtering
  • Categorizes files by over 200 file types and provides counts and total size summaries
  • Supports regular expression rules for alerting on notable files such as encryption programs, large files, and often overlooked backup archives

Archive File Analysis

  • List Files inside of archives
  • Scans inside of zip, rar, tar, gzip, 7zip, ISO images, arm, cab and other archive types
  • Hashes files in archives
  • Configurable to scan nested archives (zip inside a zip)
  • Creates a summary of compressed size, uncompressed size, and item counts for every archive

Email Analysis (Pro Version Only)

  • Creates email listings from Microsoft Outlook PST and OST files
  • Lists documents stored as attachments in emails
  • Calculates the total size of messages and documents stored in archives
  • Creates a summary of each email archive including earliest message, newest message, count of emails, and count of attachments

Encrypted Document Detection (Pro Version Only)

  • Detects over 200 different types of encrypted documents
  • Lists document type, decryption complexity, and recovery options

Other Features

  • Multithreaded for quick analysis
  • Number of threads configurable at runtime
  • Saves all data directly to Microsoft Excel
  • Requirements: Microsoft .NET Framework v4.0
  • Lite version free for both personal and commercial use.  Pro version is restricted and not currently publicly available
Drive Digest

Drive Digest v1.2 - Released 05-24-2013

Download Now