The Sleuth Kit iconThe Sleuth Kit 4.1.3

A collection of Open Source UNIX-based command-line file and system forensic analysis tools
The Sleuth Kit (previously known as TASK) is an open source command-line software written in C/C++ and designed as a set of utilities for investigating UNIX-like filesystems.

In other words, it is an open source collection of filesystem forensics tools that allow users to view deleted and allocated data from various file systems, including EXT2, EXT3, EXT4, NTFS, FAT, HFS+, ISO9660, UFS 1, UFS 2, and FFS.

The Sleuth Kit is engineered in such a way that it allows the analization of raw, Expert Witness and AFF disk images and filesystems. In addition, it creates time lines of file activity, displays details and contents of all NTFS attributes, and much more.

last updated on:
February 7th, 2014, 8:24 GMT
price:
FREE!
developed by:
Brian Carrier
license type:
Common Public License 
category:
ROOT \ Security

FREE!

In a hurry? Add it to your Download Basket!

user rating 20

UNRATED
3.2/5
 

0/5

What's New in This Release:
  • This release adds minor bug fixes and enhancements.
read full changelog

Add your review!

SUBMIT