The Sleuth Kit and Autopsy

Latest revision as of 20:31, 3 July 2015

>

The Sleuth Kit and Autopsy

The Sleuth Kit (TSK) is a C library and a set of command line tools for forensic analysis of filesystems and disk images. Autopsy is a graphical front end for TSK and provides some additional features on top of it, including extracting and searching the text contents from multiple file formats over an entire image.

Supported disk and file system image formats

raw (i.e. dd)
Expert Witness (i.e. EnCase)
AFF

Supported file systems:

NTFS
FAT
UFS 1
UFS 2
EXT2
EXT3
HFS
ISO 9660 / CDFS (Compact Disc File System)

@@ Line 1: / Line 1: @@
+{|
+|[[Software]]
+| >
+|[[File rendering/interaction software]]
+| >
+|[[The Sleuth Kit and Autopsy]]
+|}
 [http://www.sleuthkit.org/sleuthkit/ The Sleuth Kit] (TSK) is a C library and a set of command line tools for forensic analysis of filesystems and disk images. [http://www.sleuthkit.org/autopsy/ Autopsy] is a graphical front end for TSK and provides some additional features on top of it, including extracting and searching the text contents from multiple file formats over an entire image.
@@ Line 15: / Line 23: @@
 * [[HFS]]
 * [[ISO 9660]] / CDFS (Compact Disc File System)
+{{DEFAULTSORT:Sleuth Kit and Autopsy, The}}
+[[Category:Software]]
+[[Category:Forensics and Law Enforcement]]

The Sleuth Kit and Autopsy

Latest revision as of 20:31, 3 July 2015

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Toolbox