The Sleuth Kit and Autopsy

From Just Solve the File Format Problem
(Difference between revisions)
Jump to: navigation, search
(Add standard navigational header)
(Added categories)
Line 23: Line 23:
 
* [[HFS]]
 
* [[HFS]]
 
* [[ISO 9660]] / CDFS (Compact Disc File System)
 
* [[ISO 9660]] / CDFS (Compact Disc File System)
 +
 +
[[Category:Software]]
 +
[[Category:Forensics and Law Enforcement]]

Revision as of 19:16, 27 June 2015

Software > File rendering/interaction software > The Sleuth Kit and Autopsy

The Sleuth Kit (TSK) is a C library and a set of command line tools for forensic analysis of filesystems and disk images. Autopsy is a graphical front end for TSK and provides some additional features on top of it, including extracting and searching the text contents from multiple file formats over an entire image.

Supported disk and file system image formats

  • raw (i.e. dd)
  • Expert Witness (i.e. EnCase)
  • AFF

Supported file systems:

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox