Developer Documentation

PyFlag has evolved into a complete database/web development framework. Developers are free to use the PyFlag framework to develop any web applications which require a database back end. See for example PyFlag Framework Tutorial for a short hands on tutorial of how to use the PyFlag framework for arbitrary web/database interfaces.

The developer documentation is split into two area:

Web/Database Framework

These are the basic facilities available for developing any application using PyFlag Framework. You will need to be familiar with this before attempting to develop Forensic tools.

1. The plugin system.

2. The database abstraction class DB.DBO.

3. The Report class.

4. The User Interface class.

5. The ColumnType class.

6. The Table Object

7. The Query Object

The PyFlag Forensic Architecture

These items are essential to understanding how the PyFlag forensic architecture can be used to write forensic specific extensions.

1. The IO Source class.

2. The VFS (Virtual File System)

3. The Scanner class.

4. The File Driver class.

5. Log Drivers

Useful utilities and libraries

These are low level components which are used in other areas. They are so useful (even outside of PyFlag) that they need to be documented here:

1. The Object Oriented C framework.

2. The PyPacket object and its packet.c implementation.