Z4nzu
GitHub Repository: Z4nzu/hackingtool
Path: blob/master/tools/forensic_tools.py
# coding=utf-8
import os
import sys
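# Make the repository root (one directory above this file) importable so that
# `core` resolves.
# abspath() is deliberate: with a bare relative __file__, dirname() yields ""
# for both values, and an "" entry in sys.path means "the current working
# directory". For a tool that goes on to run commands through sudo, module
# resolution should not depend on where it was started from.
current_dir = os.path.dirname(os.path.abspath(__file__))
parent_dir = os.path.dirname(current_dir)
# Appended (lowest priority) and only once, so repeated imports of this module
# do not keep growing sys.path.
if parent_dir not in sys.path:
    sys.path.append(parent_dir)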
from core import HackingTool
from core import HackingToolsCollection
from rich.console import Console
from rich.panel import Panel
from rich.text import Text
from rich.table import Table
from rich.prompt import Prompt
# Rich style string reused for panels, table columns and borders in this module.
PURPLE_STYLE = "bold magenta"
# Single Console instance that every class below prints through.
console = Console()
class Autopsy(HackingTool):
    """Menu entry for the Autopsy forensic platform.

    Only a run command is declared. ``installable=False`` is handed to the
    base class (presumably this hides the install action; confirm in core.py).
    """

    TITLE = "Autopsy"
    DESCRIPTION = (
        "Autopsy is a platform that is used by Cyber Investigators.\n"
        "[!] Works in any OS\n"
        "[!] Recover Deleted Files from any OS & Media \n"
        "[!] Extract Image Metadata"
    )
    # NOTE(review): the command starts Autopsy through sudo, so every parser
    # that touches evidence data runs as root. Where the workflow allows it,
    # grant read access to the image or device and run unprivileged instead.
    RUN_COMMANDS = ["sudo autopsy"]

    def __init__(self):
        super().__init__(installable=False)
class Wireshark(HackingTool):
    """Menu entry for the Wireshark capture and analysis GUI.

    Only a run command is declared. ``installable=False`` is handed to the
    base class (presumably this hides the install action; confirm in core.py).
    """

    TITLE = "Wireshark"
    DESCRIPTION = (
        "Wireshark is a network capture and analyzer \n"
        "tool to see what’s happening in your network.\n "
        "And also investigate Network related incident"
    )
    # NOTE(review): this launches the GUI and all protocol dissectors as root,
    # and those dissectors parse untrusted network data. The usual hardening
    # is to run Wireshark unprivileged and give capture rights to dumpcap only
    # (for example through the `wireshark` group on Debian-based systems).
    RUN_COMMANDS = ["sudo wireshark"]

    def __init__(self):
        super().__init__(installable=False)
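class BulkExtractor(HackingTool):
    """Menu entry for bulk_extractor with two custom actions (GUI and CLI).

    The base class receives the two (label, callable) pairs below together
    with ``installable=False`` and ``runnable=False``. How the base class
    presents them is defined in core.py, which is not shown here.
    """

    TITLE = "Bulk extractor"
    DESCRIPTION = "Extract useful information without parsing the file system"
    PROJECT_URL = "https://github.com/simsong/bulk_extractor"

    def __init__(self):
        super(BulkExtractor, self).__init__([
            ('GUI Mode (Download required)', self.gui_mode),
            ('CLI Mode', self.cli_mode)
        ], installable=False, runnable=False)

    def gui_mode(self):
        """Fetch the bulk_extractor sources and try to start the BEViewer GUI.

        The checkout is placed in ``./bulk_extractor`` below the current
        working directory and reused when it already exists. The launcher is
        started only from inside that checkout. Failures are reported and the
        two guidance messages are always printed, so this method never raises
        for a failed clone or a missing launcher.
        """
        import subprocess  # function-scope import: used only by the two actions

        console.print(Panel(Text(self.TITLE, justify="center"), style=PURPLE_STYLE))
        console.print("[bold magenta]Cloning repository and attempting to run GUI...[/]")

        clone_dir = os.path.abspath("bulk_extractor")
        gui_dir = os.path.join(clone_dir, "java_gui")
        launcher = os.path.join(gui_dir, "BEViewer")

        try:
            if not os.path.isdir(clone_dir):
                # Cloned as the invoking user rather than through sudo: fetching
                # third-party code needs no root rights, and a root-owned tree
                # would force later build and run steps to be privileged too.
                subprocess.run(
                    ["git", "clone", "https://github.com/simsong/bulk_extractor.git", clone_dir],
                    check=True,
                )
            # Each os.system() call gets its own shell, so a `cd` in one call
            # never affects the next. The launcher is therefore addressed by
            # its path inside the checkout and run with cwd set explicitly,
            # instead of executing ./BEViewer from a directory relative to
            # wherever the tool happened to be started.
            if os.path.isfile(launcher):
                subprocess.run([launcher], cwd=gui_dir, check=True)
            else:
                # Text() is used so the path is printed verbatim, not parsed as markup.
                console.print(Text(f"BEViewer launcher not found at {launcher}", style="bold red"))
        except (OSError, subprocess.CalledProcessError) as exc:
            console.print(Text(f"Could not clone or start the GUI: {exc}", style="bold red"))

        console.print(
            "[magenta]If you get an error after clone go to /java_gui/src/ and compile the .jar file && run ./BEViewer[/]")
        console.print(
            "[magenta]Please visit for more details about installation: https://github.com/simsong/bulk_extractor[/]")

    def cli_mode(self):
        """Make sure bulk_extractor is installed, then show its help text.

        The privileged ``apt install`` step runs only when no
        ``bulk_extractor`` executable is found on PATH, so choosing this menu
        entry does not trigger a root package operation on every use.
        """
        import shutil
        import subprocess

        console.print(Panel(Text(self.TITLE + " - CLI Mode", justify="center"), style=PURPLE_STYLE))
        try:
            if shutil.which("bulk_extractor") is None:
                # stdin is inherited, so apt's confirmation prompt still works.
                subprocess.run(["sudo", "apt", "install", "bulk-extractor"], check=True)
            console.print("[magenta]Showing bulk_extractor help and options:[/]")
            # Exit status deliberately not checked: only the help text matters here.
            subprocess.run(["bulk_extractor", "-h"])
        except (OSError, subprocess.CalledProcessError) as exc:
            console.print(Text(f"bulk_extractor is not available: {exc}", style="bold red"))
        # Fixed usage banner; it needs the `boxes` and `lolcat` programs on PATH.
        os.system('echo "bulk_extractor [options] imagefile" | boxes -d headline | lolcat')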
class Guymager(HackingTool):
    """Menu entry for the Guymager forensic imager."""

    TITLE = "Disk Clone and ISO Image Acquire"
    DESCRIPTION = "Guymager is a free forensic imager for media acquisition."
    # NOTE(review): an install command is declared here, yet the constructor
    # passes installable=False. Whether the base class ever runs
    # INSTALL_COMMANDS in that case depends on core.py; confirm there.
    INSTALL_COMMANDS = ["sudo apt install guymager"]
    # Started through sudo, i.e. the imager runs as root.
    RUN_COMMANDS = ["sudo guymager"]
    PROJECT_URL = "https://guymager.sourceforge.io/"

    def __init__(self):
        super().__init__(installable=False)
class Toolsley(HackingTool):
    """Informational menu entry for the Toolsley website.

    No install or run commands are declared; the constructor passes
    ``installable=False`` and ``runnable=False`` to the base class.
    """

    TITLE = "Toolsley"
    DESCRIPTION = (
        "Toolsley got more than ten useful tools for investigation.\n"
        "[+]File signature verifier\n"
        "[+]File identifier \n"
        "[+]Hash & Validate \n"
        "[+]Binary inspector \n "
        "[+]Encode text \n"
        "[+]Data URI generator \n"
        "[+]Password generator"
    )
    # NOTE(review): this is a third-party website. Check how it handles the
    # files you give it before using it with case evidence.
    PROJECT_URL = "https://www.toolsley.com/"

    def __init__(self):
        super().__init__(installable=False, runnable=False)
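class ForensicTools(HackingToolsCollection):
    """Interactive menu over the forensic tool wrappers defined in this module."""

    TITLE = "Forensic tools"
    # Instantiated once, when the class body is executed at import time.
    TOOLS = [
        Autopsy(),
        Wireshark(),
        BulkExtractor(),
        Guymager(),
        Toolsley(),
    ]

    def _get_attr(self, obj, *names, default=""):
        """Return the first attribute of *obj* found among *names*, else *default*."""
        for n in names:
            if hasattr(obj, n):
                return getattr(obj, n)
        return default

    def pretty_print(self):
        """Print a table of title, description and project URL for every tool."""
        table = Table(title="Forensic Tools", show_lines=True, expand=True)
        table.add_column("Title", style=PURPLE_STYLE, no_wrap=True)
        table.add_column("Description", style=PURPLE_STYLE)
        table.add_column("Project URL", style=PURPLE_STYLE, no_wrap=True)

        for t in self.TOOLS:
            title = self._get_attr(t, "TITLE", "Title", "title", default=t.__class__.__name__)
            desc = self._get_attr(t, "DESCRIPTION", "Description", "description", default="")
            url = self._get_attr(t, "PROJECT_URL", "PROJECT", "project_url", "projectUrl", default="")
            # Newlines are flattened so each description stays within one table cell.
            table.add_row(str(title), str(desc).replace("\n", " "), str(url))

        console.print(Panel(table, title="[magenta]Available Tools[/magenta]", border_style=PURPLE_STYLE))

    def show_options(self, parent=None):
        """Show the tool menu and dispatch the selection until the user exits.

        Args:
            parent: Accepted for compatibility with callers; not used here.

        Returns:
            99 once the user chooses the exit entry or input is closed.

        The menu is redrawn in a loop rather than by calling itself, so a
        long session cannot run into the interpreter's recursion limit.
        Input errors and tool errors are reported separately: a failure
        inside a tool is not shown to the operator as "Invalid choice".
        """
        while True:
            console.print("\n")
            console.print(Panel.fit(
                "[bold magenta]Forensic Tools Collection[/bold magenta]\n"
                "Select a tool to run or view options.",
                border_style=PURPLE_STYLE
            ))

            table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True)
            table.add_column("Index", justify="center", style="bold yellow")
            table.add_column("Tool Name", justify="left", style="bold green")
            table.add_column("Description", justify="left", style="white")

            for i, tool in enumerate(self.TOOLS):
                title = self._get_attr(tool, "TITLE", "Title", "title", default=tool.__class__.__name__)
                desc = self._get_attr(tool, "DESCRIPTION", "Description", "description", default="—")
                table.add_row(str(i + 1), title, desc or "—")

            table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to previous menu")
            console.print(table)

            try:
                raw = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]", default="99")
            except EOFError:
                # Closed input: leave the menu instead of redrawing it forever.
                return 99

            try:
                choice = int(raw)
            except ValueError:
                console.print("[bold red]Invalid choice. Try again.[/bold red]")
                continue

            if choice == 99:
                return 99
            if not 1 <= choice <= len(self.TOOLS):
                console.print("[bold red]Invalid choice. Try again.[/bold red]")
                continue

            selected = self.TOOLS[choice - 1]
            try:
                # delegate to collection-like tools if available
                if hasattr(selected, "show_options"):
                    selected.show_options(parent=self)
                # if the tool exposes actions (like BulkExtractor) and has a menu, show it
                elif hasattr(selected, "show_actions"):
                    selected.show_actions(parent=self)
                # otherwise call run if present
                elif hasattr(selected, "run"):
                    selected.run()
                else:
                    console.print("[bold yellow]Selected tool has no runnable interface.[/bold yellow]")
            except Exception as exc:
                # Still best-effort (the menu survives a failing tool), but the
                # real error is shown. Text() prints it verbatim, without
                # interpreting any "[...]" in the message as Rich markup.
                console.print(Text(f"Tool failed: {exc!r}", style="bold red"))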
if __name__ == "__main__":
    # Direct execution: print the overview table, then open the interactive menu.
    collection = ForensicTools()
    collection.pretty_print()
    collection.show_options()