FreezerBurn Posted December 9, 2009 Share Posted December 9, 2009 I was thinking about giving The Sleuth Kit a try, but wanted to get some opinions over people that have used it. sleuthkit.org is the official web site for The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows and Unix systems (such as Linux, OS X, Cygwin, FreeBSD, OpenBSD, and Solaris). They can be used to analyze NTFS, FAT, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types. The Sleuth Kit (TSK) is a C library and a collection of command line tools. Autopsy is a graphical interface to TSK. Would be nice to use encase but that stuff is just crazy expensive. Someone was using a temp location to store quicken data files.. Go figure, then she clears the temp folder. Would you guys use Sleuth Kit or is there a quicker easier opensource/free software out there to do this? Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.