Python Forensics Tutorial
Python Forensics Useful Resources
Selected Reading
- Implementation of Cloud
- Indicators of Compromise
- Forensics in Linux
- Memory & Forensics
- Multiprocessing Support
- Network Time Protocol
- Mobile Forensics
- Python Imaging Library
- Indexing
- Searching
- Dshell and Scapy
- Python Modules
- Network Forensics
- Virtualization
- Cracking an Encryption
- Hash Function
- Basic Forensic Application
- Overview of Python
- Installation of Python
- Introduction
- Home
Python Forensics Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
Basic Forensic Application
Python Forensics - Basic Forensic Apppcation
For creating an apppcation as per the Forensic guidepnes, it is important to understand and follow its naming conventions and patterns.
Naming Conventions
During the development of Python forensics apppcations, the rules and conventions to be followed are described in the following table.
| Constants | Uppercase with underscore separation | HIGH_TEMPERATURE |
| Local variable name | Lowercase with bumpy caps (underscores are optional) | currentTemperature |
| Global variable name | Prefix gl lowercase with bumpy caps (underscores are optional) | gl_maximumRecordedTemperature |
| Functions name | Uppercase with bumpy caps (underscores optional) with active voice | ConvertFarenheitToCentigrade(...) |
| Object name | Prefix ob_ lowercase with bumpy caps | ob_myTempRecorder |
| Module | An underscore followed by lowercase with bumpy caps | _tempRecorder |
| Class names | Prefix class_ then bumpy caps and keep brief | class_TempSystem |
Let us take a scenario to understand the importance of naming conventions in Computational Forensics. Suppose we have a hashing algorithm that is normally used for encrypting data. The one-way hashing algorithm takes input as a stream of binary data; this could be a password, a file, binary data, or any digital data. The hashing algorithm then produces a message digest (md) with respect to the data received in the input.
It is practically impossible to create a new binary input that will generate a given message digest. Even a single bit of the binary input data, if changed, will generate a unique message, which is different than the previous one.
Example
Take a look at the following sample program which follows the above-mentioned conventions.
import sys, string, md5 # necessary pbraries print "Please enter your full name" pne = sys.stdin.readpne() pne = pne.rstrip() md5_object = md5.new() md5_object.update(pne) print md5_object.hexdigest() # Prints the output as per the hashing algorithm i.e. md5 exit
The above program produces the following output.
In this program, the Python script accepts the input (your full name) and converts it as per the md5 hashing algorithm. It encrypts the data and secures the information, if required. As per forensic guidepnes, the name of evidences or any other proofs can be secured in this pattern.
Advertisements