{
    "info": {
        "author": "Marc Herndon",
        "author_email": "mth309@poly.edu",
        "bugtrack_url": null,
        "classifiers": [],
        "description": "===========\nLaZy_NT\n===========\n\nLaZy_NT is a forensic analysis and data recovery framework designed to carve\nfiles from raw disk images. It uses file signatures and other techniques to\nrecover as much of the original data as possible.\n\nThe feature that sets this software apart from more well-known file carving\nutilties is  that it was designed to detect and carve files that have been\ncompressed by the NTFS file system. NTFS supports compression of individual\nfiles, folders or entire volumes using the proprietary 'LZNT1' algorithm, from\nwhich this package derives its name. While processing a disk image, if NTFS\ncompression is detected, LaZy_NT will decompress the data stream on the fly to\nensure that the correct file data is recovered.\n\nIn addition to standard file carving, LaZy_NT provides a rudimentary bulk\nASCII extraction capability to support forensic investigation. When enabled,\nthis mode will decompress and extract all ASCII text data and evaluate it to\nidentify email addresses, URLs, and other personal or forensically interesting\ninformation.\n\nLaZy_NT operates normally on files and volumes which have not been compressed,\nand on images of non-NTFS file systems. However under those circumstances the\nrecovery performance may not be as good as a combination of more well known\nfile carving and bulk extraction utilities.\n\nUsage\n=====\n\nThe simplest way to invoke the pre-made application is to call the ``run()``\nmethod of the ``App`` class within the ``app`` module. The following example\ndemonstrates how this canbe implemented as a simple launcher script::\n\n    #!python\n    from LaZy_NT import app\n    ...\n    # Obtain command line arguments, e.g. via argparse, to pass to App() as\n    # keyword arguments. Otherwise defaults from `config` will be used.\n    ...\n    application = app.App()\n    application.run()\n\nAlternatively, the API exposed by LaZy_NT can be used to build a more\ncustomized file recovery application, without using the ``app`` module\nat all.\n\nInstallation\n============\n``LaZy_NT`` is available on PyPI and installable via ``pip``::\n\n    python -m pip install LaZy_NT\n\nThe following optional dependencies enhance LaZy_NT by adding metadata\nextraction for files after they've been carved::\n\n    hachoir-core, hachoir-parser, hacoir-metadata\n    openxmllib\n    pyPdf\n    Pillow (or PIL)\n\nAll optional dependencies will be installed automatically if ``LaZy_NT``\nis installed through ``pip``.\n\nDocumentation\n=============\nDocumentation for ``LaZy_NT`` was generated using ``pdoc``.\n\nAcknowledgements\n================\nI would like to recognize Richard Russon and Yuval Fledel, authors of the\n'NTFS Documentation' manual associated with the Linux NTFS filesystem driver.\nWithout their detailed explanation of the LZNT1 algorithm, this project would\nnot have been possible.\n\nI would also like to recognize Simson L. Garfinkel, designer of the well known\n'Bulk Extractor' utility. While I have not viewed or used any of his source\ncode or documentation in this project, the use of his utility was what inspired\nme to add ASCII extraction capabilities to this project.",
        "description_content_type": null,
        "docs_url": null,
        "download_url": "UNKNOWN",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "none",
        "keywords": null,
        "license": "LICENSE.txt",
        "maintainer": null,
        "maintainer_email": null,
        "name": "LaZy_NT",
        "package_url": "https://pypi.org/project/LaZy_NT/",
        "platform": "UNKNOWN",
        "project_url": "https://pypi.org/project/LaZy_NT/",
        "project_urls": {
            "Download": "UNKNOWN",
            "Homepage": "none"
        },
        "release_url": "https://pypi.org/project/LaZy_NT/0.1.0/",
        "requires_dist": null,
        "requires_python": null,
        "summary": "File carving for compressed NTFS volumes.",
        "version": "0.1.0"
    },
    "last_serial": 1170552,
    "releases": {
        "0.1.0": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "4d7e7788434c18c98428a39f29046b23",
                    "sha256": "fc4169592cfeaad77381e5e71fb4c3146407fb014d0f261bb16ce3fddbdfda04"
                },
                "downloads": -1,
                "filename": "LaZy_NT-0.1.0.zip",
                "has_sig": false,
                "md5_digest": "4d7e7788434c18c98428a39f29046b23",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 125651,
                "upload_time": "2014-07-27T05:32:30",
                "url": "https://files.pythonhosted.org/packages/35/9a/098c3ab4fc51b328f60f2a86f8f3cf34bb8e116bf29cc8c6ce0c1dad9ca4/LaZy_NT-0.1.0.zip"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "4d7e7788434c18c98428a39f29046b23",
                "sha256": "fc4169592cfeaad77381e5e71fb4c3146407fb014d0f261bb16ce3fddbdfda04"
            },
            "downloads": -1,
            "filename": "LaZy_NT-0.1.0.zip",
            "has_sig": false,
            "md5_digest": "4d7e7788434c18c98428a39f29046b23",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 125651,
            "upload_time": "2014-07-27T05:32:30",
            "url": "https://files.pythonhosted.org/packages/35/9a/098c3ab4fc51b328f60f2a86f8f3cf34bb8e116bf29cc8c6ce0c1dad9ca4/LaZy_NT-0.1.0.zip"
        }
    ]
}