Git Product home page Git Product logo

fast's Introduction

Developed by Thales Group CERT.

Forensic Analysis Software Toolbox - FAST

For investigation purpose, you can automatically install forensic software in your virtual machine. FAST works well on hosts too, but this approach is not recommended in case of of malware processing.

Tested on

  • Windows 10 (system 64x) version 20H2
  • Ubuntu 20.04.3 LTS (64-bit)

Goals

  • The script install DFIR pieces of software without almost no user interaction
  • Update and remove easily already installed software
  • Running on Windows and Linux based systems

Why FAST?

  • To ease software installation
  • To help people in countries with slow internet connection
  • To avoid downloading Virtual Machine with large amout of data

Prerequisites

You can install forensic software in your own computer, but it's highly recommended to install it into a Virtual Machine.

Installation of software in Virtual Machine

  • VMWare Workstation Pro / Virtual Box / Other Virtual Machine Software Programs
  • ISO Ubuntu 20 / ISO Windows 10

General Setup

  • Once your Virtual Machine is running, make sure to do all the updates, otherwise the program might not work properly
  • Turn off standby and hibernation to avoid stopping software installation
  • If required, download FTKImager separately (https://www.exterro.com/ftk-imager) and drop the installer in "Softwares > FtkImager" folder
  • Disable the antivirus if you are installing Nirsoft software as it could trigger alerts and remove binaries considered as hacktools

WINDOWS 10

Setup for installation

1. DOWNLOAD PYTHON

Go to Microsoft Store and download Python 3

2. Open FAST directory
  • Go to Setup folder and execute windows.bat script
  • Click Yes button to give the script administrator rights, it will install Winget and Tkinter
3. User interaction might be required during Winget installation:

  • You will see Winget installation processing

  • If Winget is already installed, you won't have to do anything

  • Otherwise, you have to click on Update button that appears, then close that window

How to use the programm on Windows 10

  • Click on Launch_Windows.bat to run the program and let the application to run as administrator

1. Check the software that you want to install or update
2. Choose your mode (Install / Update / Remove)
3. (Optional) If you want to install or update a software using wsl, you need to put the password of your Ubuntu Windows Subsystem
  • For the first installation, it creates a user in the ubuntu subsystem
  • Add your WSL password on the input if you are installing or updating a software using WSL
Default WSL username and password
- Username: user
- Password: root

Make sure to change the password after installation

4. Click on submit
5. Check the detail of the process

UBUNTU 20.04.3

Setup for installation

1. Go to the FAST directory with command prompt

cd 'to the related directory'

2. Give the right to the setup file to be launched, then launch it to install python3 and tkinter
cd Setup
chmod 764 ubuntu.sh
./ubuntu.sh

The file ubuntu.sh is only used to setup FAST and to install dependancies.

3. Enter your password to install Python3 and Tkinter

How to use the program on Ubuntu 20.04.3

Launch the program from the command prompt

python3 FAST.py
1. Check the software that you want to install or update
2. Choose your mode (Install / Update / Remove)
3. Enter your password in order to let the app to be a super admin
4. Click on submit
5. Check the detail of the process

Tree

├── README.md
├── FAST.py
├── Classes.py
├── Json.py
├── Launch_Windows.bat
├── Setup
│   ├── ubuntu.sh
│   ├── windows.bat
│   └── build_md.py
├── Documentation
│   ├── CheatSheet SANS
│   │   ├── cheatsheet.pdf
│   │   └── ...
│   ├── Ressources
│   │   ├── ressources.png
│   │   └── ...
│   ├── Troubleshooting
│   │   ├── troubleshooting.png
│   │   └── ...
│   └── Software
│       ├── Autopsy.md
│       ├── Cyberchef.md
│       ├── ...
│       ├── Ubuntu.md
│       └── Windows.md
├── Tutorial
│   ├── Setup_ubuntu.mp4
│   ├── Tutorial.mkv
│   └── ...
└── Softwares
    ├── Example.json
    ├── Autopsy
    │   ├── installAutopsy.sh
    │   ├── installAutopsy.bat
    │   ├── updateAutopsy.bat
    │   ├── removeAutopsy.bat
    │   └── Autopsy.json
    ├── CyberChef
    │   ├── Cyberchef.py
    │   ├── requirements.txt
    │   └── Cyberchef.json
    ├── FTKImager
    │   ├── FTKImager.exe (Download the executable in https://www.exterro.com/ftk-imager)
    │   ├── installFtkImager.bat
    │   └── FtkImager.json
    └── ...

LICENSE

The FAST code is released under the Massachusetts Institute of Technology (MIT) license. See LICENSE for details.

EMBEDDED SOFTWARE

This section lists the software components and libraries that are distributed by FAST.

You can find a specific documentation related to each software you can install in Documentation > Software.

  • Ubuntu.md : a summary of all the software that can be install in ubuntu operating system
  • Windows.md : a summary of all the software that can be install in windows operating system
Autopsy
Cyberchef
FreeHexEditor (Freeware)
FtkImager
Remnux
Sift
Wireshark
WSL

EMBEDDED RESOURCES

This section lists other resources, such as cheatsheets that are used by FAST.

SANS Cheatsheets

fast's People

Contributors

remitang avatar tux-panik avatar

Stargazers

avatar CLF avatar Félix Herrenschmidt avatar

Watchers

Félix Herrenschmidt avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.