Stable release 2.2.0pl4 Operating system Type Computer forensics | Development status Discontinued Available in English | |
Developer(s) Korps landelijke politiediensten | ||
The Open Computer Forensics Architecture (OCFA) is an distributed open-source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police.
Architecture
OCFA consists of a back end for the Linux platform, it uses a PostgreSQL database for data storage, a custom Content-addressable storage or CarvFS based data repository and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues.
The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img, and mbx2mbox. OCFA is extensible in C++ or Java.