Ubuntu and Python a nice couple

I’m often asked: What is the best environment for developing Python applications?

The answer of course is that depends, mostly on your preferences. The great thing about Python is whether you are most comfortable on a Mac, Windows 8 or Linux you can enjoy the same integrated development environment.

However, with the advent of Ubuntu 12.x LTS (Long Term Support version) it certainly rises to the top for Linux. This version is guaranteed to be supported with updates and security patches until April 2017. http://www.ubuntu.com/download/desktop

In addition, Python 2.7.3 comes installed as part of the base installation. Also, the Ubuntu Software Center is available once installed and by searching for Python a plethora of additional resources and downloads are available to enhance your Python experience.


Posted in Announcement | Leave a comment

Using Hex and Binary Numbers in Python

One of the first questions forensic investigators ask about when writing python programs or scripts is how do I handle Hex and Binary numbers and perform simple operations?

Python has built in intuitive capabilities to handle such numbers. Remember Python is designed to be as easy to read as English.

Opening the Python shell we can see how easy this really is.

> python
Python 2.7.5 (default, May 15 2013, 22:43:36) [MSC v.1500 32 bit (Intel)]
Type “help”, “copyright”, “credits” or “license” for more information.

# First set the variable named value = to the decimal number 127
>>> value = 127
# displaying the number in hex as you would suspect is as easy and saying
# show me the hex representation of the variable “value”. using the proper syntax of course
>>> hex(value)
# I like to see my hex numbers in all caps, I know old school
# so I add on the upper() function as shown below
>>> hex(value).upper()

#displaying the number in binary works the same way
>>> bin(value)
# what if we want to “Exclusive Or” two hex values together?
# we first set variable A = to a hex 20 and variable B = to a hex 40
>>> A = 0x20
>>> B = 0x40
# then we use the carrot operator to create the new variable C
# (this operator represents “Exclusive Or” in most languages)
>>> C = A ^ B

# then we use the hex function once again to display the result
>>> hex(C).upper()

# and of course we then would like to display the variable C in binary
>>> bin(C)

As the saying goes “as easy as pie”
One of the earliest uses of this idiom was in a comic story found in the The Newport Mercury (a Rhode Island Newspaper) back in 1887.

Posted in Example | Leave a comment

Python-Forensics @ Techno Security

A Python-Forensics lecture, demonstration along with a mini training session was held at the 15th annual Techno Security Conference in Myrtle Beach, SC.

Over 50 attendees participated and we had a great interchange of ideas.

Thanks to all that participated.

Posted in Announcement | 3 Comments

Quick Hash Python Script Added

Check out the Quick Hash Python Script and submit ideas for improvement

Posted in Announcement | 1 Comment


Welcome to Python-Forensics.org

Our mission is to bring together researchers, developers, investigators and anyone else that is passionate about investigating cyber-crime, to build python based forensic tools that are freely shared with the world.

Posted in General | Leave a comment