Tools/sleuthkit-172

From ChekMate Security Group

Package Directory: /opt/Operator_Extras/Tools/sleuthkit-172

The Sleuth Kit is an open source forensic toolkit for analyzing Microsoft and UNIX file systems. The Sleuth Kit enables investigators to identify and recover evidence from images acquired during incident response or from live systems. The Sleuth Kit is open source, which allows investigators to verify the actions of the tool or customize it to specific needs.

The Sleuth Kit uses code from the file system analysis tools of The Coroner's Toolkit (TCT) by Wietse Venema and Dan Farmer. The TCT code was modified for platform independence. In addition, support was added for the NTFS (see docs/ntfs.README) and FAT (see docs/fat.README) file systems. Refer to the CHANGES.FROM.TCT file for specific differences. Previously, The Sleuth Kit was called The @stake Sleuth Kit (TASK). The Sleuth Kit is now independent of any commercial or academic organizations.

It is highly recommended that these command line tools be used with the 1.70 version of the Autopsy Forensic Browser. Autopsy (http://www.sleuthkit.org/autopsy) is a graphical interface to the tools of The Sleuth Kit. It automates many of the procedures and provides features such as image searching and MD5 image integrity checks.