diff options
Diffstat (limited to 'system/bulk_extractor/README')
| -rw-r--r-- | system/bulk_extractor/README | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/system/bulk_extractor/README b/system/bulk_extractor/README new file mode 100644 index 0000000000..76ec8a701f --- /dev/null +++ b/system/bulk_extractor/README @@ -0,0 +1,10 @@ +bulk_extractor is a C++ program that scans a disk image, a file, or a directory +of files and extracts useful information without parsing the file system or +file system structures. The results are stored in feature files that can be +easily inspected, parsed, or processed with automated tools. bulk_extractor +also creates histograms of features that it finds, as features that are more +common tend to be more important. + +bulk_extractor is distinguished from other forensic tools by its speed and +thoroughness. + |