Forensic Video Triage

Info

I read a blog post (from the excellent Forensics From The Sausage Factory blog) about how a forensic investigator was dealing with a large volume of video files extracted from a suspect computer, and it reminded me of when my boss suggested something similar.

I have used C4M but have found it rather lacking, so until I have written my replacement for C4M and C4P (it's on the cards), this is the next best thing. Give it an input folder (e.g. from EnCase File Finder or the C4M EnScript), give it an output folder, and hit run. It will produce a still image about every 10 seconds, which means you can very quickly get an overview of the video content. You could then drag the output folder into EnCase and use the gallery viewer to preview.

Features

  • Multi-threaded
  • Configurable output e.g. same directory or separate directories per video
  • Configurable framerate
  • Configurable categories
  • MD5 and SHA-1 hashes
  • CSV export
  • HTML report generation for each video (to allow for quick viewing of each snapshot)
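
The workflow described above (hash each video, pull a still about every 10 seconds, record the results in a CSV) can be sketched as follows. This is an added example, not the tool's own code; it assumes ffmpeg is on the PATH, and the extension list, folder naming and manifest.csv layout are choices made for this example.

```python
import csv
import hashlib
import subprocess
from pathlib import Path

VIDEO_EXTS = {".avi", ".mp4", ".mpg", ".mov", ".wmv", ".flv", ".mkv"}  # assumed set
FIELDS = ["source", "md5", "sha1", "stills_dir", "status"]

def hash_file(path, chunk=1 << 20):
    """Return (md5, sha1) hex digests, reading in chunks so large videos are not loaded whole."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            md5.update(block)
            sha1.update(block)
    return md5.hexdigest(), sha1.hexdigest()

def ffmpeg_command(video, stills_dir, interval=10):
    """Build the ffmpeg call that writes one JPEG every `interval` seconds."""
    return ["ffmpeg", "-nostdin", "-loglevel", "error", "-i", str(video),
            "-vf", f"fps=1/{interval}", str(Path(stills_dir) / "frame_%05d.jpg")]

def triage(in_dir, out_dir, interval=10, run=True):
    """Hash every video under in_dir, extract stills per video, write manifest.csv."""
    in_dir, out_dir = Path(in_dir), Path(out_dir)
    out_dir.mkdir(parents=True, exist_ok=True)
    videos = sorted(p for p in in_dir.rglob("*")
                    if p.is_file() and p.suffix.lower() in VIDEO_EXTS)
    rows = []
    for video in videos:
        md5, sha1 = hash_file(video)  # hash first, before any other tool opens the file
        # Folder name includes part of the hash so same-named files never collide.
        stills = out_dir / f"{video.stem}_{md5[:8]}"
        stills.mkdir(exist_ok=True)
        status = "not run"
        if run:
            try:
                proc = subprocess.run(ffmpeg_command(video, stills, interval),
                                      capture_output=True, text=True)
                # Corrupt or carved fragments often fail to decode: record it, keep going.
                status = "ok" if proc.returncode == 0 else "error: " + proc.stderr.strip()[:200]
            except OSError as exc:  # e.g. ffmpeg not installed
                status = f"error: {exc}"
        rows.append(dict(zip(FIELDS, [str(video), md5, sha1, str(stills), status])))
    with open(out_dir / "manifest.csv", "w", newline="") as fh:
        writer = csv.DictWriter(fh, fieldnames=FIELDS)
        writer.writeheader()
        writer.writerows(rows)
    return rows
```

Calling `triage("input_folder", "output_folder")` leaves one folder of stills per video plus the manifest, so a failed decode shows up as a row with an error status rather than a silently missing folder.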

Screenshot

Options:

Size

Colors