±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 2 Overall: 32225
New Yesterday: 3 Visitors: 110

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Looking for a little advice.

Computer forensics training and education issues. If you are looking for topic suggestions for your project, thesis or dissertation please post here rather than the general discussion forum.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2, 3  Next 
  

Looking for a little advice.

Post Posted: Sat Oct 01, 2016 5:01 am

Hello,

As part of my degree I am required to select a forensic tool and critique the functions and produce a guide/report on how the tool works and all of the different functionalities. I am just wondering if anyone could point me in the right direction towards some of the better open source products out there?

Kindest regards  

Preeny95
Newbie
 
 
  

Re: Looking for a little advice.

Post Posted: Sun Oct 02, 2016 5:02 am

My suggestion is to study about Sleuth Kit and Autopsy. Sleuth kit provides lot of tools that covers forensic aspects while Autopsy act as a front-end GUI. Autopsy may need lots of improvements and optimizations too.

www.sleuthkit.org/  

NalakaHewa
Member
 
 
  

Re: Looking for a little advice.

Post Posted: Sun Oct 02, 2016 5:31 am

Sorry, I forgot to mention there's a ban list! Haha the list is:

EnCase
 EnCase Imager
 FTK
 FTK Imager
 RegRipper
 AccessData Registry Viewer
 Autopsy/TSK
 Wireshark
 Tableau Imager  

Preeny95
Newbie
 
 
  

Re: Looking for a little advice.

Post Posted: Sun Oct 02, 2016 6:24 am

- Preeny95
Sorry, I forgot to mention there's a ban list


In this case you might consider having a look at:

- Volatility
- Rekall
- Google GRR
- the SIFT Workstation
- Bulkextractor
- tools from Joakim Schicht or Eric Zimmerman

just my 2 cent

Robin  

Bunnysniper
Member
 
 
  

Re: Looking for a little advice.

Post Posted: Wed Oct 26, 2016 7:36 am

digital-forensics.sans.../downloads

A good choice based on the possibility of following the SANS training route...  

436172730d0a
Newbie
 
 
  

Re: Looking for a little advice.

Post Posted: Wed Oct 26, 2016 8:34 am

- Preeny95
Sorry, I forgot to mention there's a ban list! Haha the list is:

EnCase
 EnCase Imager
 FTK
 FTK Imager
 RegRipper
 AccessData Registry Viewer
 Autopsy/TSK
 Wireshark
 Tableau Imager


I would suggest Paladin Linux, it's a great imaging tool and has a few utilities built in as well. (https://sumuri.com/software/paladin/) You have to create an account at their website for the tool but you can set your own price (aka 0) when you download. I would suggest using Paladin Edge (the 32 bit version) for better compatibility across the board.  

wookieshaver
Member
 
 
  

Re: Looking for a little advice.

Post Posted: Wed Oct 26, 2016 9:24 am

Forensic Explorer is also worth checking out. You can download a demo that's good for 30 days.  

tracedf
Senior Member
 
 

Reply to topicReply to topic

Share and Like this forum topic to get more replies




Page 1 of 3
Go to page 1, 2, 3  Next