Difference between revisions of "Help Documents"
From SleuthKitWiki
(Added link to schema.) |
|||
| Line 1: | Line 1: | ||
| − | This page contains links and references to online help documents on [[The Sleuth Kit | + | This page contains links and references to online help documents on [[The Sleuth Kit]]. The [[Books and Courses on TSK]] page contains links to books and courses. |
| − | = | + | = Command Line Tools = |
| − | + | ||
* The [[TSK Tool Overview]] page lists all of the command line tools in TSK. | * The [[TSK Tool Overview]] page lists all of the command line tools in TSK. | ||
| − | * The [[FS Analysis]] Techniques page | + | * The [[FS Analysis]] Techniques page shows how the command line tools can be used. |
| + | * [[Error Messages]] (Explanation of messages that you may encounter) | ||
| − | + | = Analysis Techniques = | |
* [[Timelines]] | * [[Timelines]] | ||
| − | + | ||
| − | + | == Concepts == | |
| + | These should get moved to a better location on the wiki | ||
* [[Metadata Address]] | * [[Metadata Address]] | ||
* [[data units]] | * [[data units]] | ||
* [[Block Address]] | * [[Block Address]] | ||
* [[Orphan Files]] | * [[Orphan Files]] | ||
| − | |||
| − | |||
| − | |||
| − | |||
== Big Picture == | == Big Picture == | ||
Latest revision as of 21:27, 5 June 2012
This page contains links and references to online help documents on The Sleuth Kit. The Books and Courses on TSK page contains links to books and courses.
Contents
[hide]Command Line Tools
- The TSK Tool Overview page lists all of the command line tools in TSK.
- The FS Analysis Techniques page shows how the command line tools can be used.
- Error Messages (Explanation of messages that you may encounter)
Analysis Techniques
Concepts
These should get moved to a better location on the wiki
Big Picture
This section contains links to articles on using The Sleuth Kit as a whole (i.e. the articles are not about a specific tool).
- Law Enforcement and Forensic Examiner Introduction to Linux: A Beginner's Guide. Barry Grundy. 2003 (NASA OIG) - Updated December 2008.
- CyberGuardians Cheat Sheet: 2-page PDF with sample commands for a variety of common TSK activities. Useful for veteran analysts who want to quickly look up a forgotten flag, or for a beginner looking to learn by example and experimentation.
- Running Sleuthkit and Autopsy Under Windows by Charles Lucas (local copy)
General Locations
This section lists locations where relevant documents may be found.
- The Sleuth Kit Informer (www.sleuthkit.org) newsletter (no longer active)
- Sleuth Kit Documents Page (www.sleuthkit.org)
- Autopsy Documents Page (www.sleuthkit.org)
- GIAC Reports - Look at the reports that people submitted for their GIAC certification. There are quite a few if you search for 'sleuth' or 'autopsy'.
