Here is a list of all documented files with brief descriptions:
[detail level 123]
  tsk3 | |
  auto | |
   auto.cpp | Contains C++ code that creates the base file extraction automation class |
| auto_db.cpp | Contains code to populate SQLite database with volume and file system information from a specific image |
| case_db.cpp | Contains class definition for TskCaseDb class to handle creating/opening a case database and adding images to it |
| db_sqlite.cpp | Contains code to perform operations against SQLite database |
| tsk_auto.h | Contains the class definitions for the automated file extraction classes |
| tsk_case_db.h | Contains the class that creates a case-level database of file system data |
 tsk_db_sqlite.h | Contains the SQLite code for maintaining the case-level database |
| base | |
| md5c.c | Local copy of RSA Data Security, Inc |
| mymalloc.c | These functions allocate and realocate memory and set the error handling functions when an error occurs |
| sha1c.c | Local copy of the public domain SHA-1 library code by David Ireland |
| tsk_base.h | Contains the type and function definitions that are needed by external programs to use the TSK library |
| tsk_base_i.h | Contains the general internal TSK type and function definitions |
| tsk_endian.c | Contains the routines to read data in different endian orderings |
| tsk_error.c | Contains the error handling code and variables |
| tsk_list.c | Tsk_lists are a linked list of buckets that store a key in REVERSE sorted order |
| tsk_os.h | Contains some OS-specific type settings |
| tsk_parse.c | Contains code to parse specific types of data from the command line |
| tsk_printf.c | These are printf wrappers that are needed so that we can easily print in both Unix and Windows |
| tsk_stack.c | Contains the functions to create and maintain a stack, which supports basic popping, pushing, and searching |
| tsk_unicode.c | A local copy of the Unicode conversion routines from unicode.org |
| tsk_version.c | Contains functions to print and obtain the library version |
| XGetopt.c | Parses arguments for win32 programs – written by Hans Dietrich |
| fs | |
| dcalc_lib.c | Contains the library API functions used by the TSK blkcalc command line tool |
| dcat_lib.c | Contains the library API functions used by the TSK blkcat command line tool |
| dls_lib.c | Contains the library API functions used by the TSK blkls command line tool |
| dstat_lib.c | Contains the library API functions used by the TSK blkstat command line tool |
| ext2fs.c | Contains the internal TSK ext2/ext3 file system functions |
| ext2fs_dent.c | Contains the internal TSK file name processing code for Ext2 / ext3 |
| ext2fs_journal.c | Contains the internal TSK Ext3 journal walking code |
| fatfs.c | Contains the internal TSK FAT file system code to handle basic file system processing for opening file system, processing sectors, and directory entries |
| fatfs_dent.cpp | Contains the internal TSK FAT file name processing code |
| fatfs_meta.c | Contains the internal TSK FAT file system code to handle metadata structures |
| ffind_lib.c | Contains the library API functions used by the TSK ffind command line tool |
| ffs.c | Contains the internal TSK UFS / FFS file system functions |
| ffs_dent.c | Contains the internal TSK UFS/FFS file name (directory entry) processing functions |
| fls_lib.c | Contains the library code associated with the TSK fls tool to list files in a directory |
| fs_attr.c | Functions to allocate and add structures to maintain generic file system attributes and run lists |
| fs_attrlist.c | File that contains functions to process TSK_FS_ATTRLIST structures, which hold a linked list of TSK_FS_ATTR attribute structures |
| fs_block.c | Contains functions to allocate, free, and read data into a TSK_FS_BLOCK structure |
| fs_dir.c | Create, manage, etc |
| fs_file.c | Create, manage, etc |
| fs_inode.c | Contains functions to allocate, free, and process the generic inode structures |
| fs_io.c | Contains functions to read data from a disk image and wrapper functions to read file content |
| fs_load.c | Contains a general file walk callback that can be used to load file content into a buffer |
| fs_name.c | Code to allocate and free the TSK_FS_NAME structures |
| fs_open.c | Contains the general code to open a file system – this calls the file system -specific opening routines |
| fs_parse.c | Contains code to parse specific types of data from the command line |
| fs_types.c | Contains TSK functions that deal with parsing and printing file system type strings |
| hfs.c | Contains the general internal TSK HFS metadata and data unit code |
| hfs_dent.c | Contains the file name layer code for HFS+ file systems – not included in code by default |
| hfs_journal.c | Contains the internal TSK HFS+ journal code – not included in code by default |
| icat_lib.c | Contains the library API functions used by the TSK icat command line tool |
| ifind_lib.c | Contains the library API functions used by the TSK ifind command line tool |
| ils_lib.c | Library functionality of the TSK ils tool |
| iso9660.c | Contains the internal TSK ISO9660 file system code to handle basic file system processing for opening file system, processing sectors, and directory entries |
| iso9660_dent.c | Contains the internal TSK ISO9660 file system code to handle the parsing of file names and directory structures |
| nofs_misc.c | Contains internal functions that are common to the "non-file system" file systems, such as raw and swap |
| ntfs.c | Contains the TSK internal general NTFS processing code |
| ntfs_dent.cpp | NTFS file name processing internal functions |
| rawfs.c | Contains internal "raw" specific file system functions |
| swapfs.c | Contains the internal "swapfs" specific functions |
| tsk_fs.h | External header file for file system support |
| tsk_fs_i.h | Contains the internal library definitions for the file system functions |
| unix_misc.c | Contains code that is common to both UFS1/2 and Ext2/3 file systems |
| hashdb | |
| encase_index.c | Contains the Encase hash database specific extraction and printing routines |
| hk_index.c | Contains functions to read and process hash keeper database files |
| idxonly_index.c | Contains the dummy functions that are used when only an index is used for lookups and the original database is gone |
| md5sum_index.c | Contains the MD5sum hash database specific extraction and printing routines |
| nsrl_index.c | NSRL specific functions to read the database |
| tm_lookup.c | Contains the generic hash database creation and lookup code |
| tsk_hashdb.h | External header file for hash database support |
| tsk_hashdb_i.h | Contains the internal library definitions for the hash database functions |
| img | |
| aff.c | Internal code to interface with afflib to read and open AFF image files |
| ewf.c | Internal code for TSK to interface with libewf |
| img_io.c | Contains the basic img reading API redirection functions |
| img_open.c | Contains the basic img_open function call, that interfaces with the format specific _open calls |
| img_types.c | Contains basic functions to parse and print the names of the supported disk image types |
| mult_files.c | Internal code to find remainder of files in a split raw set |
| raw.c | Internal code to open and read single or split raw disk images |
| tsk_img.h | Contains the external library definitions for the disk image functions |
| vs | |
| bsd.c | Contains the internal functions required to process BSD disk labels |
| dos.c | Contains the internal functions to process DOS Partition tables |
| gpt.c | The internal functions required to process the GPT GUID Partiition Table |
| mac.c | Contains the internal functions to process and load a Mac partition table |
| mm_io.c | Contains the wrapper code that allows one to read sectors from a TSK_VS_INFO or TSK_VS_PART_INFO structure |
| mm_open.c | Contains general code to open volume systems |
| mm_part.c | Contains the functions need to create, maintain, and access the linked list of partitions in a volume |
| mm_types.c | Contains the code to parse and print the strings for the supported volume system types |
| sun.c | Contains the internal SUN VTOC volume system processing code |
| tsk_vs.h | External header file for media management (volume system) support |
| tsk_vs_i.h | Contains the internal library definitions for the volume system functions |