The Sleuth Kit (TSK) is a pretty famous forensic tools set. I've personally used this numerous times and I find it to be a great successor of the famous Coroner's Toolkit (TCT). The tools set consists of various command line applications that allow you to examine file systems. You can find more information about TSK at http://www.sleuthkit.org/sleuthkit/desc.php.
TSK has been finally released as Windows binaries, so you don't have to compile them manually anymore. You can download the tool kit from http://www.sleuthkit.org/sleuthkit/download.php.
Thanks to Edi for sending us a note about TSK.
I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Riyadh October 2019
Sep 5th 2006
1 decade ago