A suite of Docker images containing useful forensics tools.
If you're using macOS, the easiest way to install Docker for Mac is with Homebrew:
brew install --cask docker
With Docker installed and running, clone this repository:
git clone https://github.com/jgarber623/docker-forensics-tools
From the root of this project, run:
docker build -t forensics-tools:base ./base
docker build -t forensics-tools:bulk_extractor ./bulk_extractor
These two commands will create tagged forensics-tools images. Each image will contain the tools specified in the associated Dockerfiles.
Run the generated images using the following commands:
docker run --rm -it forensics-tools:base
docker run --rm -it forensics-tools:bulk_extractor
Each command runs an interactive session (-i), allocates a pseudo-TTY (-t), and removes the container when exiting (--rm).
The full list of installed packages can be viewed by running apt list --installed from the launched container's shell.
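The run commands above start a container with no case data in it. The following wrapper is an added example, not part of this project: it runs the same images with an evidence directory mounted read-only and networking disabled. The function name, the /evidence and /output mount points, and the DOCKER override are assumptions.

```shell
#!/bin/sh
# Added example, not part of docker-forensics-tools.
# Assumptions: mount points /evidence and /output inside the container,
# and the DOCKER variable, which lets you dry-run with DOCKER=echo.
#
# Usage (constructed paths):
#   forensics_run bulk_extractor /cases/001/evidence /cases/001/output

# forensics_run TAG EVIDENCE_DIR OUTPUT_DIR [COMMAND...]
forensics_run() {
    if [ "$#" -lt 3 ]; then
        echo "usage: forensics_run TAG EVIDENCE_DIR OUTPUT_DIR [COMMAND...]" >&2
        return 2
    fi
    tag=$1
    evidence=$2
    output=$3
    shift 3

    # Accept only the two tags built earlier in this README.
    case $tag in
        base|bulk_extractor) ;;
        *) echo "unknown image tag: $tag" >&2; return 2 ;;
    esac

    for dir in "$evidence" "$output"; do
        case $dir in
            # A colon would be parsed as a field separator by -v.
            *:*) echo "path must not contain ':': $dir" >&2; return 2 ;;
            /*) ;;
            # Docker reads a bare name as a named volume, not a host
            # directory, so the tools would see an empty directory.
            *) echo "path must be absolute: $dir" >&2; return 2 ;;
        esac
    done

    # Results must never be written into the evidence tree.
    if [ "$evidence" = "$output" ]; then
        echo "evidence and output directories must differ" >&2
        return 2
    fi

    # :ro makes the evidence mount read-only inside the container;
    # --network none leaves the container with no network access.
    "${DOCKER:-docker}" run --rm -it --network none \
        -v "$evidence:/evidence:ro" \
        -v "$output:/output" \
        "forensics-tools:$tag" "$@"
}
```

Any arguments after OUTPUT_DIR are passed through to docker run after the image name.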
docker-forensics-tools is freely available under the MIT License.