Extraction of Forensic images in Linux
Do we can extract the forensic images like E01, Ad1 using FTK imager or with any other tool in Linux. If any one know how to do that. Please suggest.
thanks in advance.
install (e.g. in ubuntu)
sudo apt-get install ewf-tools.
you can export the ewf-file to e.g. a dd-image with command "ewfexport"
but this takes time.
better is to take "xmount" (you get it here https://www.pinguin.lu/ )
after that you can mount the e01-file within one second into a dd-file.
after that you can mount the data (via losetup etc…)
with these two programs to can mount the content of an e01-file within a few minutes.