The Sleuth Kit

Infobox Software
name = The Sleuth Kit
author = Brian Carrier
latest release version = 2.52
latest release date = April 10, 2008
genre = Computer forensics
website = http://www.sleuthkit.org/

The Sleuth Kit (TSK) is a library and collection of Unix- and Windows-based tools and utilities for the forensic analysis of computer systems. It was written and maintained by digital investigator Brian Carrier. TSK can be used to perform investigations and data extraction from images of Windows, Linux and Unix computers. The Sleuth Kit is normally used in conjunction with its custom front-end application, Autopsy, which provides a user-friendly interface. A newer extended front-end interface named PTK is also available. Several other tools also use TSK for file extraction.

The Sleuth Kit is a free, open source suite that provides a large number of specialized command-line utilities.

Tools

The Sleuth Kit includes the following tools, among others:
* ils lists all metadata entries, such as inodes.
* dls displays data blocks within a file system.
* fls lists allocated and unallocated file names within a file system.
* fsstat displays file system statistical information about an image or storage medium.
* ffind searches for file names that point to a specified metadata entry.
* mactime creates a timeline of all files based upon their MAC times.
* disk_stat discovers the existence of a Host Protected Area.

See also

* Selective file dumper

External links

* [http://www.sleuthkit.org/ The Sleuth Kit Official website]
* [http://www.sleuthkit.org/informer/ The Sleuth Kit Informer newsletter]
* [http://wiki.sleuthkit.org/ Sleuth Kit Wiki]
* [http://ptk.dflabs.com PTK Official website]


Wikimedia Foundation. 2010.
