RECENT POSTS

Sleuthkit

May 26, 2018

Tools and library for filesystem forensic analysis

The Sleuth Kit TSK is a library and collection of command line tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

The media management tools allow you to examine the layout of disks and other media. The Sleuth Kit supports DOS partitions, BSD partitions disk labels, Mac partitions, Sun slices Volume Table of Contents, and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with file system analysis tools.

WWW http//www.sleuthkit.org/sleuthkit/