Hi everyone, can someone recommend me an open source forensic tool that has equal functionality with the likes of EnCase, FTK, WinHex, etc.?
Sure…PyFlag, TSK/Autopsy…
Helix is not necessarily like EnCase and FTK but provides a CD-based option for creating forensic images and performing Incident Response tasks. Plus - it is free and is based on open source. It even has Windows utilities to assist in performing IR functions on running Windows systems.
Kenweed,
You didn't state what your definition of "open source forensic tool" is (i.e., free, or runs on Linux), so here are a few others:
SMART for Linux
THE FARMER'S BOOT CD (FBCD)
Both are commercial, both run on Linux, have some level of functionality, and afford you the capability to type or point-and-click.
regards,
farmerdude
Well, thank you guys for your contribution… My definition for an open source tool was one whose binary and source code can be accessed freely and, if possible, the tool can run on both Linux and Windows (not a must though!).
Kenweed,
I think we all understand that part… I believe the question is, with regards to the "forensic tool that has equal functionality with the likes of encase, FTK, winhex etc." What functionality are you asking for? Imaging/acquisition? Analysis? Presentation?