Truehunter – Tool to detect TrueCrypt containers

TrueCrypt Truehunter - Tool  to detect TrueCrypt containers Technology

The objective of Truehunter is to detect TrueCrypt containers the usage of a quick and reminiscence environment friendly way. It was once designed as a PoC a while in the past as I could not in finding any open supply device with the similar capability.


Set up
Simply use with Python 2.7, it does no longer want any further libraries.

utilization: truehunter.py [-h] [-D HEADERSFILE] [-m MINSIZE] [-M MAXSIZE]
[-R MAXHEADER] [-f] [-o OUTPUTFILE]
LOCATION
Tests for record dimension, unknown header, and entropy of information to decide if
they're encrypted containers.
positional arguments:
LOCATION Power or listing to scan.
non-compulsory arguments:
-h, --help display this assist message and go out.
-D HEADERSFILE, --database HEADERSFILE
Headers database record, default headers.db
-m MINSIZE, --minsize MINSIZE
Minimal record dimension in Kb, default 1Mb.
-M MAXSIZE, --maxsize MAXSIZE
Most record dimension in Kb, default 100Mb.
-R MAXHEADER, --repeatHeader MAXHEADER
Discard information with unknown headers repeated greater than
N instances, default 3.
-f, --fast Don't calculate entropy.
-o OUTPUTFILE, --outputfile OUTPUTFILE
Scan effects record title, default scan_results.csv

N2RS-1mezY0 Truehunter - Tool  to detect TrueCrypt containers Technology