digital-forensics-labs/digital-forensics-lab
1
0
Fork 0
mirror of https://github.com/frankwxu/digital-forensics-lab.git synced 2026-02-20 13:40:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

add p2p case study on 6/25/2021

Browse Source
This commit is contained in:
Frank Xu
2021-06-25 15:02:14 -04:00
parent c43422bb45
commit 3fcf751602
14 changed files with 110 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
P2P_Leakage/Presentation/ID00_Lab_Setup.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID01_Disk_Image_and_Partitions.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID02_Registry_and_File_Directory.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID03_MFT_Timeline.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID04_USN_Journal_Timeline.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID05_uTorrent_Log_File.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID06_File_Signature.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID07_Emails.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID08_Web_History.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID09_Website_Analysis.pptx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/ID10_Timeline_of_Case.xlsx Normal file
View File

Binary file not shown.

BIN
P2P_Leakage/Presentation/Questions.docx Normal file
View File

Binary file not shown.

55
P2P_Leakage/Scripts/p2p_lab_tool_install.bash Normal file
View File

@@ -0,0 +1,55 @@
#!/bin/bash
echo "*******************************"
echo "* *"
echo "* Installation Script *"
echo "* *"
echo "* *"
echo "* University of Baltimore *"
echo "* *"
echo "*******************************"
echo -e "Installing necessary tools...\n"
# Installing tools
sudo apt update -y
sudo apt install git hashdeep libreoffice mutt python2 python3 python3-evtx sleuthkit sqlite3 sqlitebrowser xmlstarlet wine64 -y
sudo apt install vinetto tree libhivex-bin python3-hivex libesedb-utils pasco pff-tools libnl-utils libvshadow-utils ewf-tools -y
sudo apt install python-setuptools python3-setuptools python3-plaso pip foremost pst-utils bulk_extractor libimage-exiftool-perl -y
pip3 install time-decode
sudo apt install npm -y
sudo npm install -g imgclip
cd ~/Downloads
wget https://raw.githubusercontent.com/dfir-scripts/installers/main/RegRipper30-apt-git-Install.sh
sudo bash RegRipper30-apt-git-Install.sh
rm RegRipper30-apt-git-Install.sh
wget https://github.com/torrent-file-editor/torrent-file-editor/releases/download/v0.3.17/torrent-file-editor-0.3.17-x64.exe
wget https://f001.backblazeb2.com/file/EricZimmermanTools/JLECmd.zip
unzip JLECmd.zip && rm JLECmd.zip
# Installing other tools
mkdir ~/Forensic_Tools
mv torrent-file-editor-0.3.17-x64.exe ~/Forensic_Tools
cd ~/Forensic_Tools
git clone https://github.com/volatilityfoundation/volatility.git
git clone https://github.com/volatilityfoundation/volatility3.git
git clone https://github.com/PoorBillionaire/USN-Journal-Parser.git
git clone https://github.com/PoorBillionaire/USN-Record-Carver.git
git clone https://github.com/PoorBillionaire/Windows-Prefetch-Parser.git
git clone https://github.com/prolsen/recentfilecache-parser.git
git clone https://github.com/dkovar/analyzeMFT.git
mkdir JLECmd && mv ~/Downloads/JLECmd.exe ./JLECmd
mkdir Torrent_File_Editor && mv ~/Downloads/torrent-file-editor-0.3.17-x64.exe ./Torrent_File_Editor
cd
# Installing terminal emulator
sudo apt install terminator -y
# Ending
echo -e "\nFinished!\n"

55
P2P_Leakage/Scripts/p2p_lab_tool_install.txt Normal file
View File

@@ -0,0 +1,55 @@
#!/bin/bash
echo "*******************************"
echo "* *"
echo "* Installation Script *"
echo "* *"
echo "* *"
echo "* University of Baltimore *"
echo "* *"
echo "*******************************"
echo -e "Installing necessary tools...\n"
# Installing tools
sudo apt update -y
sudo apt install git hashdeep libreoffice mutt python2 python3 python3-evtx sleuthkit sqlite3 sqlitebrowser xmlstarlet wine64 -y
sudo apt install vinetto tree libhivex-bin python3-hivex libesedb-utils pasco pff-tools libnl-utils libvshadow-utils ewf-tools -y
sudo apt install python-setuptools python3-setuptools python3-plaso pip foremost pst-utils bulk_extractor libimage-exiftool-perl -y
pip3 install time-decode
sudo apt install npm -y
sudo npm install -g imgclip
cd ~/Downloads
wget https://raw.githubusercontent.com/dfir-scripts/installers/main/RegRipper30-apt-git-Install.sh
sudo bash RegRipper30-apt-git-Install.sh
rm RegRipper30-apt-git-Install.sh
wget https://github.com/torrent-file-editor/torrent-file-editor/releases/download/v0.3.17/torrent-file-editor-0.3.17-x64.exe
wget https://f001.backblazeb2.com/file/EricZimmermanTools/JLECmd.zip
unzip JLECmd.zip && rm JLECmd.zip
# Installing other tools
mkdir ~/Forensic_Tools
mv torrent-file-editor-0.3.17-x64.exe ~/Forensic_Tools
cd ~/Forensic_Tools
git clone https://github.com/volatilityfoundation/volatility.git
git clone https://github.com/volatilityfoundation/volatility3.git
git clone https://github.com/PoorBillionaire/USN-Journal-Parser.git
git clone https://github.com/PoorBillionaire/USN-Record-Carver.git
git clone https://github.com/PoorBillionaire/Windows-Prefetch-Parser.git
git clone https://github.com/prolsen/recentfilecache-parser.git
git clone https://github.com/dkovar/analyzeMFT.git
mkdir JLECmd && mv ~/Downloads/JLECmd.exe ./JLECmd
mkdir Torrent_File_Editor && mv ~/Downloads/torrent-file-editor-0.3.17-x64.exe ./Torrent_File_Editor
cd
# Installing terminal emulator
sudo apt install terminator -y
# Ending
echo -e "\nFinished!\n"