±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 0 Overall: 35503
New Yesterday: 0 Visitors: 87

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Looking for a little advice.

Computer forensics training and education issues. If you are looking for topic suggestions for your project, thesis or dissertation please post here rather than the general discussion forum.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3  Next 


Re: Looking for a little advice.

Post Posted: Oct 26, 16 21:11

Personally I would suggest scalpel.

Its a great tool and could make for a good paper on data carving.  

Senior Member

Re: Looking for a little advice.

Post Posted: Oct 26, 16 21:13

Can you do a log2timeline Great tool you could talk about mounting the image and running the tool. Also custom log2timeline analysis.  


Re: Looking for a little advice.

Post Posted: Oct 27, 16 03:05

I too recommend Paladin from Sumuri.com. Their Paladin Toolbox is an imaging suite that does a good job of presenting enough options to make imaging painless as possible and to avoid making mistakes. Other than that, they present a forensic suite that contains many forensic tools that I feel may be too much to report on if you choose all the tools to write about. On the other hand if you picked only one or two tools from their forensic suite, the report may appear too short or give the impression you skimped over a lot of stuff.

It's not an open source tool, but Magnet Forensics is a popular forensic tool that's quickly taking over the market. They have a trial version, but the idea is to get companies to try before you buy, so I don't know if you can get a copy or not. It's worth a try.

Good luck,

Senior Member

Re: Looking for a little advice.

Post Posted: Dec 07, 16 13:06

- NalakaHewa
My suggestion is to study about Sleuth Kit and Autopsy.

Can you tell me how tools such as the Sleuth kit can be better than using tools from Cellebrite and oxygen? what can the open source tools do that the expensive one's can't?

Just a curious question btw. Smile
Digital Forensics is an Exact science, not the procedures, but the results. 

Senior Member

Re: Looking for a little advice.

Post Posted: Dec 07, 16 18:04

The major mobile forensic vendors keep an eye open on the open source projects and if there is anything useful released, they implement those (or at least reuse the idea) in their own products.
Apple passcode unlock + decrypted filesystem dump, Android user locks unlock + physical dump with decrypted userdata partition. We provide our services world-wide, but we reserve the right for choosing which tasks we take and which we deny! 

Senior Member

Re: Looking for a little advice.

Post Posted: Dec 07, 16 22:07

- Preeny95
I am just wondering if anyone could point me in the right direction towards some of the better open source products out there?

Start from what amount of time you have available for this. Don't select a product that you can't cover in the time ... and you should not underestimate the time required.

Find a tool that does one, fairly small and well-delimited task, and preferrably one that you understand well, and that you have some reasonably good test data for.

If you are going to look at some tool that does unix-like file system analysis for example, see if you can find Elizabeth Zwicky's test data for backup programs. It was created to be completely legitimate, have almost everything (file names as long as the platform allowed, directory trees as deep as could be handled, files with 'holes', files with control characters in file names, files that didn't allow any access to anyone, etc. etc.) and many backup programs failed to handle the data in that test suite correctly.

Very instructive.  


Re: Looking for a little advice.

Post Posted: Feb 12, 17 06:30


Incase anybody would like to know, the product I chose was OSForensics. I am happy to provide my insights on the product if anybody is interested.

Kindest Regards.  

Page 2 of 3
Page Previous  1, 2, 3  Next