zffacquire is a command line utility for acquiring images into the forensic format Zff.
First, you need to install rust and cargo to build or install zffacquire.
After that you still need the gcc, which you can install as follows (depends on the distribution):
bash
$ sudo apt-get install gcc
bash
$ sudo dnf install gcc
Then you can easily build this tool yourself by using cargo:
bash
[/home/ph0llux/projects/zffacquire] $ cargo build --release
Or you can install the tool directly from crates.io:
bash
$ cargo install zffacquire
To create an image with the default parameters, the following command is just enough:
bash
zffacquire physical -i /dev/sda -o /media/usb-hdd/your_zff_image
The complete feature set of zffacquire can be shown using zffacquire -h.