creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 23:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-file-carving-with-foremost/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

49 lines
1.5 KiB
Markdown
Raw Blame History

# API Reference: File Carving with Foremost
## Foremost CLI
| Command | Description |
|---------|-------------|
| `foremost -t <types> -i <image> -o <output>` | Carve files of specified types from image |
| `foremost -c <config> -i <image> -o <output>` | Carve using custom configuration file |
| `foremost -v -t all -i <image> -o <output>` | Verbose carving of all supported types |
## Foremost Options
| Flag | Description |
|------|-------------|
| `-t` | File types to carve (jpg, png, pdf, doc, all) |
| `-i` | Input disk image path |
| `-o` | Output directory for carved files |
| `-c` | Custom foremost.conf path |
| `-v` | Verbose mode with progress details |
## Scalpel CLI
| Command | Description |
|---------|-------------|
| `scalpel -c <config> -o <output> <image>` | High-performance carving with config |
## foremost.conf Format
```
# extension case_sensitive max_size header footer
jpg y 200000 \xff\xd8\xff \xff\xd9
pdf y 5000000 %PDF %%EOF
```
## Python Libraries
| Library | Version | Purpose |
|---------|---------|---------|
| `subprocess` | stdlib | Execute foremost/scalpel commands |
| `hashlib` | stdlib | SHA-256 hashing for evidence integrity |
| `pathlib` | stdlib | File system traversal of carved output |
## References
- Foremost source: https://foremost.sourceforge.net/
- Scalpel repository: https://github.com/sleuthkit/scalpel
- Sleuth Kit (blkls, mmls): https://sleuthkit.org/
- File signature database: https://www.garykessler.net/library/file_sigs.html
Reference in New Issue View Git Blame Copy Permalink