The Sleuth Kit (TSK) & Autopsy Logo

The Sleuth Kit (TSK) & Autopsy

0
Free
Visit Website

The Sleuth Kit is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. Autopsy is an easy to use, GUI-based program that allows you to efficiently analyze hard drives and smart phones, with a plug-in architecture for add-on modules in Java or Python.

FEATURES

ALTERNATIVES

Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.

Truehunter is a tool designed to detect encrypted containers with a focus on Truecrypt and Veracrypt, utilizing a fast and memory efficient approach.

WinSearchDBAnalyzer can parse and recover records in Windows.edb, providing detailed insights into various data types.

A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.

A tool with advanced filtering capabilities for analyzing events based on time, path, weekday, and date.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.

A library to access and manipulate RAW image files.