mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-12 07:56:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Removed semi-colons and updated URLs to latest versions.

Browse Source
This commit is contained in:
U-BASIS\dgrove 2017-04-20 16:15:11 -04:00
parent 5c1932f1fc
commit 3379e340c3
8 changed files with 37 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pythonExamples/Aug2015DataSourceTutorial/FindContactsDb.py
View File

@ -97,15 +97,15 @@ class ContactsDbIngestModule(DataSourceIngestModule):
# Where any setup and configuration is done # Where any setup and configuration is done
# 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext. # 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html
def startUp(self, context): def startUp(self, context):
self.context = context self.context = context
# Where the analysis is done. # Where the analysis is done.
# The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content. # The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content.
# See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.3/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html # See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.4/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html
# 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress # 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html
def process(self, dataSource, progressBar): def process(self, dataSource, progressBar):
# we don't know how much work there is yet # we don't know how much work there is yet
@ -120,7 +120,7 @@ class ContactsDbIngestModule(DataSourceIngestModule):
numFiles = len(files) numFiles = len(files)
progressBar.switchToDeterminate(numFiles) progressBar.switchToDeterminate(numFiles)
fileCount = 0; fileCount = 0
for file in files: for file in files:
# Check if the user pressed cancel while we were busy # Check if the user pressed cancel while we were busy

6
pythonExamples/Aug2015DataSourceTutorial/RunExe.py
View File

@ -95,7 +95,7 @@ class RunExeIngestModule(DataSourceIngestModule):
# Where any setup and configuration is done # Where any setup and configuration is done
# 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext. # 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext.
# See: http://sleuthkit.org/autopsy/docs/api-docs/3.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html
def startUp(self, context): def startUp(self, context):
self.context = context self.context = context
@ -108,9 +108,9 @@ class RunExeIngestModule(DataSourceIngestModule):
# Where the analysis is done. # Where the analysis is done.
# The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content. # The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content.
# See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.3/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html # See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.4/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html
# 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress # 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress
# See: http://sleuthkit.org/autopsy/docs/api-docs/3.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html
def process(self, dataSource, progressBar): def process(self, dataSource, progressBar):
# we don't know how much work there will be # we don't know how much work there will be

6
pythonExamples/July2015FileTutorial_BigRound/FindBigRoundFiles.py
View File

@ -92,7 +92,7 @@ class FindBigRoundFilesIngestModule(FileIngestModule):
# Where any setup and configuration is done # Where any setup and configuration is done
# 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext. # 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html
# TODO: Add any setup code that you need here. # TODO: Add any setup code that you need here.
def startUp(self, context): def startUp(self, context):
self.filesFound = 0 self.filesFound = 0
@ -103,7 +103,7 @@ class FindBigRoundFilesIngestModule(FileIngestModule):
# Where the analysis is done. Each file will be passed into here. # Where the analysis is done. Each file will be passed into here.
# The 'file' object being passed in is of type org.sleuthkit.datamodel.AbstractFile. # The 'file' object being passed in is of type org.sleuthkit.datamodel.AbstractFile.
# See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.3/classorg_1_1sleuthkit_1_1datamodel_1_1_abstract_file.html # See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.4/classorg_1_1sleuthkit_1_1datamodel_1_1_abstract_file.html
def process(self, file): def process(self, file):
# Use blackboard class to index blackboard artifacts for keyword search # Use blackboard class to index blackboard artifacts for keyword search
@ -134,7 +134,7 @@ class FindBigRoundFilesIngestModule(FileIngestModule):
# Fire an event to notify the UI and others that there is a new artifact # Fire an event to notify the UI and others that there is a new artifact
IngestServices.getInstance().fireModuleDataEvent( IngestServices.getInstance().fireModuleDataEvent(
ModuleDataEvent(FindBigRoundFilesIngestModuleFactory.moduleName, ModuleDataEvent(FindBigRoundFilesIngestModuleFactory.moduleName,
BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, None)); BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, None))
return IngestModule.ProcessResult.OK return IngestModule.ProcessResult.OK

4
pythonExamples/Sept2015ReportTutorial_CSV/CsvReportModule.py
View File

@ -27,7 +27,7 @@
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR # ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE. # OTHER DEALINGS IN THE SOFTWARE.
# See http://sleuthkit.org/autopsy/docs/api-docs/4.1/index.html for documentation # See http://sleuthkit.org/autopsy/docs/api-docs/4.4/index.html for documentation
# Simple report module for Autopsy. # Simple report module for Autopsy.
# Used as part of Python tutorials from Basis Technology - September 2015 # Used as part of Python tutorials from Basis Technology - September 2015
@ -71,7 +71,7 @@ class CSVReportModule(GeneralReportModuleAdapter):
# TODO: Update this method to make a report # TODO: Update this method to make a report
# The 'baseReportDir' object being passed in is a string with the directory that reports are being stored in. Report should go into baseReportDir + getRelativeFilePath(). # The 'baseReportDir' object being passed in is a string with the directory that reports are being stored in. Report should go into baseReportDir + getRelativeFilePath().
# The 'progressBar' object is of type ReportProgressPanel. # The 'progressBar' object is of type ReportProgressPanel.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1report_1_1_report_progress_panel.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1report_1_1_report_progress_panel.html
def generateReport(self, baseReportDir, progressBar): def generateReport(self, baseReportDir, progressBar):
# Open the output file. # Open the output file.

14
pythonExamples/dataSourceIngestModule.py
View File

@ -29,7 +29,7 @@
# Simple data source-level ingest module for Autopsy. # Simple data source-level ingest module for Autopsy.
# Search for TODO for the things that you need to change # Search for TODO for the things that you need to change
# See http://sleuthkit.org/autopsy/docs/api-docs/4.1/index.html for documentation # See http://sleuthkit.org/autopsy/docs/api-docs/4.4/index.html for documentation
import jarray import jarray
import inspect import inspect
@ -94,7 +94,7 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
# Where any setup and configuration is done # Where any setup and configuration is done
# 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext. # 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html
# TODO: Add any setup code that you need here. # TODO: Add any setup code that you need here.
def startUp(self, context): def startUp(self, context):
@ -104,9 +104,9 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
# Where the analysis is done. # Where the analysis is done.
# The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content. # The 'dataSource' object being passed in is of type org.sleuthkit.datamodel.Content.
# See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.3/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html # See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.4/interfaceorg_1_1sleuthkit_1_1datamodel_1_1_content.html
# 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress # 'progressBar' is of type org.sleuthkit.autopsy.ingest.DataSourceIngestModuleProgress
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_data_source_ingest_module_progress.html
# TODO: Add your analysis code in here. # TODO: Add your analysis code in here.
def process(self, dataSource, progressBar): def process(self, dataSource, progressBar):
@ -119,14 +119,14 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
# For our example, we will use FileManager to get all # For our example, we will use FileManager to get all
# files with the word "test" # files with the word "test"
# in the name and then count and read them # in the name and then count and read them
# FileManager API: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1casemodule_1_1services_1_1_file_manager.html # FileManager API: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1casemodule_1_1services_1_1_file_manager.html
fileManager = Case.getCurrentCase().getServices().getFileManager() fileManager = Case.getCurrentCase().getServices().getFileManager()
files = fileManager.findFiles(dataSource, "%test%") files = fileManager.findFiles(dataSource, "%test%")
numFiles = len(files) numFiles = len(files)
self.log(Level.INFO, "found " + str(numFiles) + " files") self.log(Level.INFO, "found " + str(numFiles) + " files")
progressBar.switchToDeterminate(numFiles) progressBar.switchToDeterminate(numFiles)
fileCount = 0; fileCount = 0
for file in files: for file in files:
# Check if the user pressed cancel while we were busy # Check if the user pressed cancel while we were busy
@ -167,4 +167,4 @@ class SampleJythonDataSourceIngestModule(DataSourceIngestModule):
"Sample Jython Data Source Ingest Module", "Found %d files" % fileCount) "Sample Jython Data Source Ingest Module", "Found %d files" % fileCount)
IngestServices.getInstance().postMessage(message) IngestServices.getInstance().postMessage(message)
return IngestModule.ProcessResult.OK; return IngestModule.ProcessResult.OK

10
pythonExamples/fileIngestModule.py
View File

@ -29,7 +29,7 @@
# Simple file-level ingest module for Autopsy. # Simple file-level ingest module for Autopsy.
# Search for TODO for the things that you need to change # Search for TODO for the things that you need to change
# See http://sleuthkit.org/autopsy/docs/api-docs/4.1/index.html for documentation # See http://sleuthkit.org/autopsy/docs/api-docs/4.4/index.html for documentation
import jarray import jarray
import inspect import inspect
@ -94,7 +94,7 @@ class SampleJythonFileIngestModule(FileIngestModule):
# Where any setup and configuration is done # Where any setup and configuration is done
# 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext. # 'context' is an instance of org.sleuthkit.autopsy.ingest.IngestJobContext.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1ingest_1_1_ingest_job_context.html
# TODO: Add any setup code that you need here. # TODO: Add any setup code that you need here.
def startUp(self, context): def startUp(self, context):
self.filesFound = 0 self.filesFound = 0
@ -105,7 +105,7 @@ class SampleJythonFileIngestModule(FileIngestModule):
# Where the analysis is done. Each file will be passed into here. # Where the analysis is done. Each file will be passed into here.
# The 'file' object being passed in is of type org.sleuthkit.datamodel.AbstractFile. # The 'file' object being passed in is of type org.sleuthkit.datamodel.AbstractFile.
# See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.3/classorg_1_1sleuthkit_1_1datamodel_1_1_abstract_file.html # See: http://www.sleuthkit.org/sleuthkit/docs/jni-docs/4.4/classorg_1_1sleuthkit_1_1datamodel_1_1_abstract_file.html
# TODO: Add your analysis code in here. # TODO: Add your analysis code in here.
def process(self, file): def process(self, file):
# Skip non-files # Skip non-files
@ -139,14 +139,14 @@ class SampleJythonFileIngestModule(FileIngestModule):
# Fire an event to notify the UI and others that there is a new artifact # Fire an event to notify the UI and others that there is a new artifact
IngestServices.getInstance().fireModuleDataEvent( IngestServices.getInstance().fireModuleDataEvent(
ModuleDataEvent(SampleJythonFileIngestModuleFactory.moduleName, ModuleDataEvent(SampleJythonFileIngestModuleFactory.moduleName,
BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, None)); BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT, None))
# For the example (this wouldn't be needed normally), we'll query the blackboard for data that was added # For the example (this wouldn't be needed normally), we'll query the blackboard for data that was added
# by other modules. We then iterate over its attributes. We'll just print them, but you would probably # by other modules. We then iterate over its attributes. We'll just print them, but you would probably
# want to do something with them. # want to do something with them.
artifactList = file.getArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT) artifactList = file.getArtifacts(BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT)
for artifact in artifactList: for artifact in artifactList:
attributeList = artifact.getAttributes(); attributeList = artifact.getAttributes()
for attrib in attributeList: for attrib in attributeList:
self.log(Level.INFO, attrib.toString()) self.log(Level.INFO, attrib.toString())

3
pythonExamples/fileIngestModuleWithGui.py
View File

@ -35,7 +35,7 @@
# don't need a configuration UI, start with the other sample module. # don't need a configuration UI, start with the other sample module.
# #
# Search for TODO for the things that you need to change # Search for TODO for the things that you need to change
# See http://sleuthkit.org/autopsy/docs/api-docs/4.1/index.html for documentation # See http://sleuthkit.org/autopsy/docs/api-docs/4.4/index.html for documentation
import jarray import jarray
@ -204,4 +204,3 @@ class SampleFileIngestModuleWithUISettingsPanel(IngestModuleIngestJobSettingsPan
# Return the settings used # Return the settings used
def getSettings(self): def getSettings(self):
return self.local_settings return self.local_settings

6
pythonExamples/reportmodule.py
View File

@ -31,7 +31,7 @@
# Sample report module for Autopsy. Use as a starting point for new modules. # Sample report module for Autopsy. Use as a starting point for new modules.
# #
# Search for TODO for the things that you need to change # Search for TODO for the things that you need to change
# See http://sleuthkit.org/autopsy/docs/api-docs/4.1/index.html for documentation # See http://sleuthkit.org/autopsy/docs/api-docs/4.4/index.html for documentation
import os import os
from java.lang import System from java.lang import System
@ -69,7 +69,7 @@ class SampleGeneralReportModule(GeneralReportModuleAdapter):
# TODO: Update this method to make a report # TODO: Update this method to make a report
# The 'baseReportDir' object being passed in is a string with the directory that reports are being stored in. Report should go into baseReportDir + getRelativeFilePath(). # The 'baseReportDir' object being passed in is a string with the directory that reports are being stored in. Report should go into baseReportDir + getRelativeFilePath().
# The 'progressBar' object is of type ReportProgressPanel. # The 'progressBar' object is of type ReportProgressPanel.
# See: http://sleuthkit.org/autopsy/docs/api-docs/4.1/classorg_1_1sleuthkit_1_1autopsy_1_1report_1_1_report_progress_panel.html # See: http://sleuthkit.org/autopsy/docs/api-docs/4.4/classorg_1_1sleuthkit_1_1autopsy_1_1report_1_1_report_progress_panel.html
def generateReport(self, baseReportDir, progressBar): def generateReport(self, baseReportDir, progressBar):
# For an example, we write a file with the number of files created in the past 2 weeks # For an example, we write a file with the number of files created in the past 2 weeks
@ -101,7 +101,7 @@ class SampleGeneralReportModule(GeneralReportModuleAdapter):
report.close() report.close()
# Add the report to the Case, so it is shown in the tree # Add the report to the Case, so it is shown in the tree
Case.getCurrentCase().addReport(fileName, self.moduleName, "File Count Report"); Case.getCurrentCase().addReport(fileName, self.moduleName, "File Count Report")
progressBar.increment() progressBar.increment()