Looking for a little advice.

Computer forensics training and education issues. If you are looking for topic suggestions for your project, thesis or dissertation please post here rather than the general discussion forum.
  

Preeny95
Newbie
 

Looking for a little advice.

Post Posted: Oct 01, 16 16:01

Hello,

As part of my degree I am required to select a forensic tool and critique the functions and produce a guide/report on how the tool works and all of the different functionalities. I am just wondering if anyone could point me in the right direction towards some of the better open source products out there?

Kindest regards  
 
  

NalakaHewa
Member
 

Re: Looking for a little advice.

Post Posted: Oct 02, 16 16:02

My suggestion is to study Sleuth Kit and Autopsy. Sleuth Kit provides a lot of tools that cover forensic aspects, while Autopsy acts as a front-end GUI. Autopsy may need lots of improvements and optimizations too.

www.sleuthkit.org/  
 
  

Preeny95
Newbie
 

Re: Looking for a little advice.

Post Posted: Oct 02, 16 16:31

Sorry, I forgot to mention there's a ban list! Haha the list is:

EnCase
 EnCase Imager
 FTK
 FTK Imager
 RegRipper
 AccessData Registry Viewer
 Autopsy/TSK
 Wireshark
 Tableau Imager  
 
  

Bunnysniper
Senior Member
 

Re: Looking for a little advice.

Post Posted: Oct 02, 16 17:24

- Preeny95
Sorry, I forgot to mention there's a ban list


In this case you might consider having a look at:

- Volatility
- Rekall
- Google GRR
- the SIFT Workstation
- bulk_extractor
- tools from Joakim Schicht or Eric Zimmerman

Just my 2 cents

Robin  
 
  

436172730d0a
Newbie
 

Re: Looking for a little advice.

Post Posted: Oct 26, 16 18:36

digital-forensics.sans.../downloads

A good choice based on the possibility of following the SANS training route...  
 
  

wookieshaver
Member
 

Re: Looking for a little advice.

Post Posted: Oct 26, 16 19:34

- Preeny95
Sorry, I forgot to mention there's a ban list! Haha the list is:

EnCase
 EnCase Imager
 FTK
 FTK Imager
 RegRipper
 AccessData Registry Viewer
 Autopsy/TSK
 Wireshark
 Tableau Imager


I would suggest Paladin Linux, it's a great imaging tool and has a few utilities built in as well. (https://sumuri.com/software/paladin/) You have to create an account at their website for the tool but you can set your own price (aka 0) when you download. I would suggest using Paladin Edge (the 32 bit version) for better compatibility across the board.  
 
  

tracedf
Senior Member
 

Re: Looking for a little advice.

Post Posted: Oct 26, 16 20:24

Forensic Explorer is also worth checking out. You can download a demo that's good for 30 days.  
 

Page 1 of 3