Tag Archives: Plaso

Plaso In Progress

Our goal this past week was to have Plaso successfully built and running on SIFT 2.14 so we could begin testing and comparing results. However, this proved to be very difficult. Plaso is built in Python, using precise (version 2.7.3), while SIFT 2.14 is running on an older version of Linux (lucid). Because certain […]

Introducing Plaso

Timeline analysis offers the ability to look at an entire case as a sequential list. The Senator Patrick Leahy Center for Digital Investigation (LCDI) has focused a number of research projects on timeline analysis. This past summer, the LCDI researched the tools associated with timeline creation (insert blog link here) and their specific features. Log2Timeline, written by Kristinn Gudjonsson, has received a lot of praise in the digital forensics community. Recently, Kristinn has ventured into a new project named Plaso.