Final Year Uni Project.

Vita

Vita

Vita

Soldato
Joined
26 Mar 2006
Posts
11,631
Location
United Kingdom
Hi all,

I'm in my final year of doing Computer Forensics at Uni. We have been told to do a Final Year, Individual Project. The Project should have a end product.

I have chosen to do a product which will be a software application. This application will find artefacts, which have been left by Yahoo, Facebook, MySpace, Twitter. For example, protocol messages and other scripts that may be of forensic use.

We studied Programming in the first year which was C+, but not in the 2nd or final year. What would be the best programming language for this, I want the application to scan memory dumps, pagefile.sys and hiberfil.sys for traces left by the sites mentioned.

Can someone point me in the right direction as I'm relatively new to this.

Thanks to all replies in advance.
 
I would go with something high level like C# or Python, but if you're confident with C++ use it. Ultimately, language choice won't really matter too much as from what you've said you should just need a good file I/O API, so you can work with files on a byte by byte level.

You will need to devise a pattern matching algorithm to find and extract what you want within the .sys and mem dump files. But once you have this worked out on paper, any language you are confident with will do the job, but something like C# or Python may be easier :)
 
tntcoder said:
I would go with something high level like C# or Python, but if you're confident with C++ use it. Ultimately, language choice won't really matter too much as from what you've said you should just need a good file I/O API, so you can work with files on a byte by byte level.

You will need to devise a pattern matching algorithm to find and extract what you want within the .sys and mem dump files. But once you have this worked out on paper, any language you are confident with will do the job, but something like C# or Python may be easier :)
Click to expand...

Thank you very much for your reply. I think I'll have a go with C#, I want to create a GUI, it will just be a simple application. But thanks again, for the reply.

It's all relatively new to me, and I'm continuing with my research. But you've put me onto the right track. Thanks again! :cool::)
 
Would MS Visual Studio be a good starting point, to create the application?
 
tntcoder said:
Yep, using C# it will be the best starting point :)
Click to expand...

Thanks. I was thinking of using Visual Basic with C++. However, I think learning C# would be a better idea. It's ambitious as I hated programming in the first year, but I think If I learn it, it would be a good starting point for going into forensics. As I'd know where to look for data.
 
Update: Been using MS Visual Studio and I've done some tutorials. However with what I'm wanting to do, I think I'd find it very difficult and boring, and I don't really want to do a project which I'd find either of what I've mentioned.

So I've decided to go on to my back up project.

I'd like to create a Application based similar to a web-scraper. Instead of scraping the web for information, it would scrape the HDD and look in locations of where history is of chat records for internet chat messaging clients, ie; MSN/AIM/Yahoo. And maybe if it can be done, to find chat records even if they haven't been recorded. And then send these to a folder to be viewed for later viewing.

Is this possible?

Thanks in advance.
 
I think reading chat logs is too easy, you'll probably not get as much credit.

I liked your idea of scanning the pagefile as a starting point. Perhaps you'll get more ideas as you progress with that.
 
billysielu said:
I think reading chat logs is too easy, you'll probably not get as much credit.

I liked your idea of scanning the pagefile as a starting point. Perhaps you'll get more ideas as you progress with that.
Click to expand...

Well it's one of the projects which you can undertake. I'm totally lost with the idea of scanning the pagefile.sys, it's just coding, in which I'm finding trouble with.
 
You must log in or register to reply here.
Back
Top Bottom