REAPER Preview

Project: Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) Preview

Purpose: A forensic boot CD that quickly and automatically extracts a preview of a suspect system

Status: Not active (superseded by the ATOM project)
License: GNU GPLv3

Developer(s): Joshua James

More information:

A proof of concept has been created, but has not been maintained. The source is available via the REAPER Forensics project at Sourceforge.

REAPERPreview is a bootable USB/CD that automatically extracts a preview of images, searches for keywords (based on keyword lists), and conducts hash analysis using the suspect's hardware. The focus of the project was on conducting common digital investigation tasks as fast as possible to help make informed decisions on-scene, at an airport (customs), or even before conducting a time-consuming full analysis in a laboratory.

The functionality of REAPERPreview has been incorporated into the easily-configurable ATOM framework.


Links:

• Presentation in Sleuthkit and Open Source Digital Forensics Conference 2011
• http://www.basistech.com/about-us/events/open-source-forensics-conference/2011/presentations/
• UCD REAPER project page
• REAPER Forensics Sourceforge project page