Skip to content

Acquire

Forensics & Incident Response

Acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container. This makes Acquire an excellent tool to, among others, speedup the process of digital forensic triage. It uses Dissect to gather that information from the raw disk, if possible.

Track releases GitHub
Python Latest 3.22 · 3mo ago Security brief →

Features

  • Collects forensic artifacts from disk images or live systems
  • Organizes artifact gathering via modular profiles (full, default, minimal, none)
  • Falls back to operating‑system file access when raw disk read is not possible

Recent releases

View all 1 releases →
3.22 Breaking risk
Notable features
  • Add APPLICATION_HOST_CONFIG to webserver collection
  • Add collection of SimpleHelp logging
  • Add Teamviewer MRU files
Full changelog

What's Changed

  • Extend webserver collection by @qmadev in https://github.com/fox-it/acquire/pull/264
  • Add APPLICATION_HOST_CONFIG to webserver collection by @Miauwkeru in https://github.com/fox-it/acquire/pull/279
  • Fix Child Acquisition by @qmadev in https://github.com/fox-it/acquire/pull/283
  • Add collection of SimpleHelp logging by @Matthijsy in https://github.com/fox-it/acquire/pull/287
  • Remove and update deprecated code by @Miauwkeru in https://github.com/fox-it/acquire/pull/286
  • Add Teamviewer MRU files by @Matthijsy in https://github.com/fox-it/acquire/pull/289
  • Improve AV paths by @Matthijsy in https://github.com/fox-it/acquire/pull/288

New Contributors

  • @Matthijsy made their first contribution in https://github.com/fox-it/acquire/pull/287

Full Changelog: https://github.com/fox-it/acquire/compare/3.21...3.22

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
120
Forks
38
Languages
Python Makefile
View on GitHub Documentation

Install & Platforms

Install via
pip

Similar tools

Forensic Artifacts
Dissect

Beta — feedback welcome: [email protected]