Tools can be opened manually from the terminal window or with the help of top menu bar. It also explains where evidence can be found on a system. SIFT provides user documentation that allows you to get accustomed to the available tools and their usage. It comes with tools to carve data files, generate timeline from system logs, examine recycle bins, and much more. It supports analysis in advanced forensic format (AFF), expert witness format (E01) and RAW evidence (DD) format. SANS Investigative Forensic Toolkit (SIFT)īased on Ubuntu, SIFT has all the important tools needed to carry out a detailed forensic analysis or incident response study. These are multipurpose forensic toolkits that can carry out a number of detailed digital forensic tasks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |