This is a simple utility to extract geolocation data from a .xml-report of Cellebrite’s UFED Physical Analyzer.
Following the *nix philosophy ”one tool, one job”, the only goal is to extract location data from a UFED report and store it for further processing and visualization. Currently this is accomplished by extracting and converting geolocation data as .csv. More output formats, like geojson, might follow.
This tool relies on Python > 3.7 standard libraries only, therefore no package installations are needed.
Just move it to a directory in your $PATH:
sudo cp ufed_geo2csv.py /usr/local/bin sudo chmod +x /usr/local/bin/ufed_geo2csv.py
There are two modes of operation: Supply data via STDIN or specify a .xml-file via a positional argument. To test it, just use the supplied dummy report.
# Pipe .xml-report to the tool cat tests/test_report.xml | python3.7 ufed_geo2csv.py | tee test_geos.csv # Specify a .xml-report as a positional argument python3.7 ufed_geo2csv.py tests/test_report.xml > test_geos.csv
To run the supplied tests, please use the following command.
python3 -m unittest discover