2010-05-12 04:55:30 +08:00
|
|
|
The Sleuth Kit is an open source forensic toolkit for analyzing
|
|
|
|
|
Microsoft and UNIX file systems and disks. The Sleuth Kit enables
|
|
|
|
|
investigators to identify and recover evidence from images
|
|
|
|
|
acquired during incident response or from live systems. The
|
|
|
|
|
Sleuth Kit is open source, which allows investigators to verify
|
|
|
|
|
the actions of the tool or customize it to specific needs.
|
|
|
|
|
|
2010-05-13 06:41:47 +08:00
|
|
|
Sleuthkit can use libewf and afflib.
|
