Today, I am releasing Version 1.0 of Case_Notes.py - a cross-platform (Windows, macOS, & Linux) Python script to help make the case documentation process easier.
Some of the main features:
- Easy to install and use.
- Lightweight - easy on CPU and memory resources.
- Automatic OS detection.
- Ability to take selective screenshots for case documentation.
- Log file contains note entries prepended with date/time stamps in UTC or Local Time format.
Case_Notes.py was originally designed to expedite the documentation process of digital forensic examinations. However, this tool could also be used in:
- Open Source Intelligence (OSINT) investigations.
- Social Media Intelligence (SOCMINT) investigations.
- Notes during penetration tests.
- Capture the Flag (CTF) events.
- General note taking.
- And so much more!
The latest version of this tool can be found here:
https://github.com/jgasmussen/Case_Notes.py
In the next blog post, I will be sharing information about setting up and staging a DFIR kit. Stay tuned for more information.
Last but certainly not least, I want to publicly acknowledge Alexis Brignoni (@brignoni@infosec.exchange) for his willingness to help me along on my Python journey. He helped review my code and offered his time and talents. He also has a wealth of information on his blog, https://abrignoni.blogspot.com. Give him a follow and check out his GitHub page for some other awesome forensic tools: https://github.com/abrignoni.