Free digital forensic tools???

FREE TOOLS TO AID FORENSIC INVESTIGATIONS

Hi everyone, I am a computer forensic student about to start the third year and another investigation set up by the UWN.

I was wondering if there were any open source software tools that are available for digital investigators that can help in the following areas

1 The discovery of data
2 Helping with contemporaneous notes
3 Maintaining a chain-of-custody

If anyone has any information of tools to help in these areas it would be brilliant. I has already sources a few such a 'case notes' and any personally developed programs or databases would also be great

If you don't have any of these tips and advice are also welcome

thank you

https://twitter.com/#!/EZarkic

In what module do they teach you about Google?
its a popular search engine that you type words into and it gives you links back.
(resists lmgtfy link)

quick start
http//forensiccontrol.com/resources/free-software/

http//lmgtfy.com/?q=free+digital+forensics+tools

Snark aside, you might look into Backtrack and Helix3.

…which brings us back to the seemingly grumpy attitude (deserved in some cases)
http//www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=7566

jaclaz

. . . THROW . . .

. I'll address the second and third items as the discovery of data has been addressed.

With regard to notes I am not a fan of software/database programs that allow you to enter notes electronically. There are probably some free ones out there, but a simple text/document application saved periodically would work as well.

The closest to a database program of notes that I use are notes or bookmarks features within forensic programs (the ones that I use with these features are not free). You may want to look at ProDiscover's Basic Edition Freeware version http//www.techpathways.com/Demo.htm

The majority of my notes are actually a combination of photographs, hand written notes/form, and/or typed directly into my report at that time. Digital recorders can be used to record notes and automate the transcription with a software program.

Regardless of how well any program can document for you, it is very important that you, as the examiner recognize and document how the data relates to the case at hand. Something a tool will not do for you.

Chain of Custody well there are many form templates out there to look at. Helix does have a COC form. Some forms are state/agency specific so it is easier for me to use the accepted State form document file as a template.

Law enforcement agencies may use their in house records database due to bar coding (COC) and ability to query data. I don't think there is a need for a forensic software to throw in a chain of custody form. Maintaining a chain of custody generally requires a pre printed document/labels to be signed and/or bar coding. So what this means is I belive that most examiners use the same standard COC form that they have chosen(or is chosen for them) every time.

Regards,

Chris