Digital Forensics with The Sleuth Kit
Beginner Introduction to The Sleuth Kit (command line)
About The Sleuth Kit
The Sleuth Kit is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. It is used behind the scenes in Autopsy and many other open source and commercial forensics tools.
The toolkit is used by analysts to analyze file systems and images, including NTFS, FAT, ext2/3, HFS+, and ISO 9660. It can be used to recover deleted data, recover lost partitions, and perform in-depth analysis of the file systems and images.
Because it offers a strong and adaptable platform for evaluating digital data, the Sleuth Kit is useful for DFIR engagements because it can assist forensic analyst in identifying the root cause of an incident and acquiring evidence for use in court cases.
-
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Source: The Hacker News Published on 2025-11-30
-
Intel in LNK Files
Source: Windows Incident Response Published on 2025-11-30 By Unknown
-
Japanese beer giant Asahi says data breach hit 1.5 million people
Source: BleepingComputer Published on 2025-11-29 By Bill Toulas
-
Leak confirms OpenAI is preparing ads on ChatGPT for public roll out
Source: BleepingComputer Published on 2025-11-29 By Mayank Parmar
-
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
Source: BleepingComputer Published on 2025-11-29 By Bill Toulas
