Introduction

When debugging or testing a digital forensic tool, or performing a data recovery procedure, you may have a requirement to extract some binary data from a forensic image or physical/logical disk. This is where DataDump can be of value.

DataDump

DataDump™ is a free tool which allows you to dump segments of data from an original source image or physical/logical device. It can be used for the following:

• Extract a stream of binary data from a source image or logical device
• Convert an entire image or a segment of an image to a single flat file
• Extract binary chunks of data from files, images or physical/logical devices
• Extract a partition from a source device as a single binary file
• Hash the output data using MD5, SHA-1, SHA-256 or SHA-512

Running DataDump

Once you have downloaded and installed the application, dumping a selection of binary data from your source is relatively straight forward.

1. Select the source by clicking on the "Select Source" drop down button menu, then select either "Disk Image" or "Physical or Logical Device"
2. Select the file you want the data to output to by clicking on the "Output File" button
3. Select the Logical Block Address of the start of the data you wish to extract
4. Select the Block Count or End Logical Block Address to set the length of the data to be extracted
5. If you wish the dumped data to be hashed, select MD5, SHA-1, SHA-256 or SHA-512 from the dropdown list
6. Click the "Extract" button to start the dump

Download

The software can be downloaded by clicking the button below: