摘要:TULP2G is a forensic software framework for acquiring and decoding data stored in
electronic devices. The framework consists of a layered architecture with
communication, protocol, conversion, and export plug-ins to acquire, decode, and report
evidence in customizable layouts. All acquired data is stored in an XML formatted
evidence file along with information for auditing purposes. XML files can also be used to
customize the framework with different user interface languages. A profile mechanism is
built in to save and load framework configuration settings for common investigations.
Conversion and export plug-ins can also be used to decode data acquired with other
data acquisition methods. TULP2G is implemented in C# using .NET1.1 and released
under a BSD license. All software, including source code is available at
http://tulp2g.sourceforge.net/. Currently available plug-ins are mainly targeted towards
GSM phone examinations, but the applied open source strategy tries to stimulate other
parties in developing more examination functionality.
