View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0004228Kali LinuxQueued Tool Additionpublic2017-09-06 16:022024-10-22 13:06
ReporterProtheophage Assigned Todaniruiz  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionreopened 
Summary0004228: aic - (Automated Image Collector) Finds and images storage devices Finds all storage devices attached to the computer, and foren
Description

Hi,
I have recently completed and packaged two automation tools that I think may fit well with the Kali Live Forensic mode. I have done my best to conform to the Debian packaging & GNU Open-source licensing protocols. The source packages can be found on GitHub here:
https://github.com/Protheophage/AIC
https://github.com/Protheophage/TBS
Additional info below.
Huge Fan!
Thank you,
Colby C (Protheophage)
[email protected]

Steps To Reproduce

Place flags on devices that you want to be ignored by the program. (See included man-pages for more detail.) Attach storage devices. Run programs. Get coffee. Twiddle thumbs. Enjoy!

Additional Information

Automated Image Collector (aic) is a tool to automate the process of collecting forensically sound images of storage devices. I designed it with the intent of being used on a live USB to collect images in the field. I have recently made it friendly with hard installed systems. AIC will search for any attached storage devices, catalog them, and image them to a predetermined destination device. Man-pages included for more details.

The Black Scorme (tbs) is a tool to automate the process of erasing storage devices. TBS will search for, catalog, and write zeros (0) to any attached storage devices.

I have tested both tools with internal drives, external drive bays, and USB bays. However there is, for now, a theoretical limit of 26 devices at one time. This is due to the naming convention for devices (sda, sdb, ...) and the way the tools search for devices. Both tools use DC3DD to accomplish the end goal, and both verify the outcomes with hashing.

Activities

g0tmi1k

g0tmi1k

2018-01-29 14:41

administrator   ~0008358

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
g0tmi1k

g0tmi1k

2020-02-11 17:07

administrator   ~0012256

I don't see the source, just a package and binary?
Protheophage

Protheophage

2020-03-18 02:11

reporter   ~0012426

Thank you for responding to my submission. I saw that your note said you don't see the sources. The source for both can be found one directory deep into each respectively.
TBS/tbs-0.1/tbs
https://github.com/Protheophage/TBS/blob/master/tbs-0.1/tbs
AIC/aic-0.1/aic
https://github.com/Protheophage/AIC/blob/master/aic-0.1/aic

Thank you again for your time.
g0tmi1k

g0tmi1k

2020-03-30 14:34

administrator   ~0012562

I would say https://github.com/Protheophage/AIC can be added.
https://github.com/Protheophage/TBS I don't think it needed.

@kali-team please review the package thats been created before importing.
@author, thanks for the suggestion & also packaging it
Arszilla

Arszilla

2024-09-29 11:21

reporter   ~0019851

The repositories seem to be deleted, making this ticket redundant.

Issue History

Date Modified Username Field Change
2017-09-06 16:02 Protheophage New Issue
2018-01-29 14:24 g0tmi1k Summary Two submissions for forensic automation tools: Automated Image Collector (aic) & The Black Scorme (tbs) => Automated Image Collector (aic) & The Black Scorme (tbs)
2018-01-29 14:41 g0tmi1k Note Added: 0008358
2018-02-21 09:35 g0tmi1k Product Version kali-dev =>
2020-02-11 17:07 g0tmi1k Note Added: 0012256
2020-02-11 17:08 g0tmi1k Assigned To => g0tmi1k
2020-02-11 17:08 g0tmi1k Status new => closed
2020-02-11 17:08 g0tmi1k Resolution open => won't fix
2020-03-18 02:11 Protheophage Status closed => feedback
2020-03-18 02:11 Protheophage Resolution won't fix => reopened
2020-03-18 02:11 Protheophage Note Added: 0012426
2020-03-18 16:51 g0tmi1k Assigned To g0tmi1k =>
2020-03-18 16:51 g0tmi1k Status feedback => new
2020-03-30 14:34 g0tmi1k Note Added: 0012562
2020-03-30 14:34 g0tmi1k Status new => acknowledged
2020-03-30 14:34 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-03-30 14:34 g0tmi1k Summary Automated Image Collector (aic) & The Black Scorme (tbs) => Automated Image Collector (aic)
2020-06-17 14:58 g0tmi1k Severity feature => minor
2020-12-01 11:05 g0tmi1k Summary Automated Image Collector (aic) => Automated Image Collector (aic) - Finds and images storage devices Finds all storage devices attached to the computer, and foren
2023-10-18 11:31 daniruiz Summary Automated Image Collector (aic) - Finds and images storage devices Finds all storage devices attached to the computer, and foren => aic (Automated Image Collector) - Finds and images storage devices Finds all storage devices attached to the computer, and foren
2024-03-13 14:25 daniruiz Summary aic (Automated Image Collector) - Finds and images storage devices Finds all storage devices attached to the computer, and foren => aic - (Automated Image Collector) Finds and images storage devices Finds all storage devices attached to the computer, and foren
2024-09-29 11:21 Arszilla Note Added: 0019851
2024-10-22 13:06 daniruiz Assigned To => daniruiz
2024-10-22 13:06 daniruiz Status acknowledged => closed