Educause Security Discussion mailing list archives

Re: Forensics Tools

From: Kevin Wilcox <wilcoxkm () APPSTATE EDU>
Date: Tue, 23 Sep 2014 12:26:25 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 23/09/14, 11:52, Juan Hernández Serrano wrote:

Sleuth Kit is very widely adopted and well-documented online.
Autopsy is the graphical frontend.


Just watch out for the platform change. Autopsy 2 was fantastic for
folks building their toolkit on Linux. Autopsy 3 runs on Windows-only.

I'd grab the SIFT 2 or SIFT 3 since it bundles TSK and a ton of other
tools (like bulk-extractor, log2timeline, ewf*, etc).

kmw
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

iEYEARECAAYFAlQhnzAACgkQsKMTOtQ3fKG31QCbBZO4v6bMdS70QhT0A7fE920C
ZHkAn1pYrmxVc7/tj4rCYEQmgt8b/dXD
=gzGY
-----END PGP SIGNATURE-----

Current thread:

Forensics Tools Thomas Carter (Sep 23)
- FW: Forensics Tools Thomas Carter (Sep 23)
- Re: Forensics Tools Shawn Merdinger (Sep 23)
  - Re: Forensics Tools Alex Waitkus (Sep 23)
- Re: Forensics Tools Kevin Wilcox (Sep 23)
- Re: Forensics Tools Juan Hernández Serrano (Sep 23)
  - Re: Forensics Tools Bradley, Stephen (Sep 23)
  - Re: Forensics Tools Kevin Wilcox (Sep 23)
- Re: Forensics Tools Daniels, Shane R (Sep 23)
  - Re: Forensics Tools Ward, Michael (Sep 24)