Jump to content

The Sleuth Kit


FreezerBurn

Recommended Posts

I was thinking about giving The Sleuth Kit a try, but wanted to get some opinions over people that have used it.

sleuthkit.org is the official web site for The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows and Unix systems (such as Linux, OS X, Cygwin, FreeBSD, OpenBSD, and Solaris). They can be used to analyze NTFS, FAT, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types.

The Sleuth Kit (TSK) is a C library and a collection of command line tools. Autopsy is a graphical interface to TSK.

Would be nice to use encase but that stuff is just crazy expensive.

Someone was using a temp location to store quicken data files.. Go figure, then she clears the temp folder. Would you guys use Sleuth Kit or is there a quicker easier opensource/free software out there to do this?

Thanks!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...