Getting started

This recipe requires the installation of four third-party modules to function: pytsk3, pyewf, pyesedb, and unicodecsv. Refer to Chapter 8, Working with Forensic Evidence Container Recipes, for a detailed explanation of installing the pytsk3 and pyewf modules. Likewise, refer to the Getting started section in the Parsing prefetch files recipe for details on installing unicodecsv. All other libraries used in this script are present in Python's standard library.

Navigate to the GitHub repository and download the desired release for each library. This recipe was developed using the libesedb-experimental-20170121 release. Once the contents of the release are extracted, open a terminal, navigate to the extracted directory, and execute the following commands:

./synclibs.sh
./autogen.sh
sudo python setup.py install
To learn more about the pyesedb library, visit https://github.com/libyal/libesedb.
Lastly, we can check our library's installation by opening a Python interpreter, importing pyesedb, and running the pyesedb.get_version() method to ensure we have the correct release version.