![]() ![]() ![]() This allows the forensic examiner to "boot up" the image or disk and gain an interactive, user-level perspective of the env. Mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system.Ī Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk. TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after break-in. Together, they can analys e Windows and UNIX disks and file systems (NTFS, FAT, UFS1/2, Ext2/3). ![]() The Autopsy Forensic Browser is a graphical interface to the command line digital investigation analysis tools in The Sleuth Kit. This site also lists tools that work with AFF. Is an open and extensible file format designed to store disk images and associated metadata. This tool can be used for various digital forensic tasks such as forensically wiping a drive (zero-ing out a drive) and creating a raw image of a drive. Here is a list of open source forensic toolsĭd comes by default on the majority of Linux distributions available today (e.g. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |