The Open Computer Forensics Architecture (OCFA) isa modular computer forensics framework to automatethe digital forensic process, to speed up theinvestigation and give tactical investigatorsdirect access to the seized data through an easyto use search and browse interface. Thearchitecture forms an environment where existingforensic tools and libraries can be easily pluggedinto the architecture and can thus be made part ofthe recursive extraction of data and metadata fromdigital evidence. It aims to be highly modular,robust, fault tolerant, recursive, and scalable inorder to be usable in large investigations thatspawn numerous terabytes of evidence data andcover hundreds of evidence items.
License: GNU General Public License (GPL)
Changes:
This version includes some refactored subsystems that should make the architecture a bit faster and easier to integrate with other programming languages like Java and Perl. With the new treegraph library, it should now be a lot simpler to create custom treegraph-based modules for the architecture.
More...