Installation

FileTrove is written in Golang and open source (AGPLv3). You can install it by compiling from source or use a precompiled executable for your platform. FileTrove is - almost - a single file application without external dependencies, except a NSRL Bolt database and a YARA-X C library. FileTrove can download the database for you. The C library has to be compiled by yourself or can be downloaded from the Github project if available.

Download

On Github you can find ready-to-run executables for Debian/Ubuntu.

Just download the installation package from Github and install it with apt/dpkg.

Note: This project is called FileTrove, but the executable is called ftrove! The builds also have the operating system and platform in their name. You can savely rename them or keep the name.

The releases are tested and the latest version has no known bugs.

Alternative: Install from source

1. Install Golang: https://go.dev/doc/install
2. Install Task build tool: https://taskfile.dev
3. Install the YARA-X C library: https://virustotal.github.io/yara-x/docs/api/c/c-/#building-the-c-library
4. Checkout FileTrove repository into your go workspace (e.g. /home/user/go/src): git clone https://github.com/steffenfritz/FileTrove.git
5. Change into directory: e.g. cd /home/user/go/src/steffenfritz/FileTrove/cmd/ftrove
6. Start build: task build

Installation

Copy the binary to a location where FileTrove should save the results, logs and where the 4.0 GB NSRL database can be stored.

Then, execute the following command to install FileTrove in the given directory (mind the period):

$ ./ftrove –install .

During the installation FileTrove creates two directories, “logs” and “db”. It also asks you if it should download the NSRL database. The download via ftrove, i.e. during the installation, could be slow. You can answer “no” during the installation and copy an existing database into the db directory.

FileTrove is installed and ready to go!