Digital Forensics with The Sleuth Kit
Beginner Introduction to The Sleuth Kit (command line)
About The Sleuth Kit
The Sleuth Kit is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. It is used behind the scenes in Autopsy and many other open source and commercial forensics tools.
The toolkit is used by analysts to analyze file systems and images, including NTFS, FAT, ext2/3, HFS+, and ISO 9660. It can be used to recover deleted data, recover lost partitions, and perform in-depth analysis of the file systems and images.
Because it offers a strong and adaptable platform for evaluating digital data, the Sleuth Kit is useful for DFIR engagements because it can assist forensic analyst in identifying the root cause of an incident and acquiring evidence for use in court cases.
- Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
- WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
- Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme
- Russian military hackers target NATO fast reaction corps
- 23andMe updates user agreement to prevent data breach lawsuits