Difference between revisions of "Help Documents"

From SleuthKitWiki
Jump to: navigation, search
(Moved articles from other doc page and rearranged this a bit.)
Line 1: Line 1:
 
This page contains links and references to help documents that were created by [[The Sleuth Kit]] and [[Autopsy]] users.  
 
This page contains links and references to help documents that were created by [[The Sleuth Kit]] and [[Autopsy]] users.  
  
==English Documents==
+
= English Documents =
* [http://www.sleuthkit.org/informer/ The Sleuth Kit Informer (www.sleuthkit.org)] newsletter
+
== Big Picture ==
 +
This section contains links to articles on using The Sleuth Kit as a whole (i.e. the articles are not about a specific tool).
 +
* [http://www.sleuthkit.org/informer/ The Sleuth Kit Informer (www.sleuthkit.org)] newsletter (no longer active)
 
* [http://www.sleuthkit.org/sleuthkit/docs.php Sleuth Kit Documents Page (www.sleuthkit.org)]
 
* [http://www.sleuthkit.org/sleuthkit/docs.php Sleuth Kit Documents Page (www.sleuthkit.org)]
 
* [http://www.sleuthkit.org/autopsy/docs.php Autopsy Documents Page (www.sleuthkit.org)]
 
* [http://www.sleuthkit.org/autopsy/docs.php Autopsy Documents Page (www.sleuthkit.org)]
 +
* [ftp://ftp.hq.nasa.gov/pub/ig/ccd/linuxintro/ Law Enforcement and Forensic Examiner Introduction to Linux: A Beginner's Guide]. Barry Grundy. 2003. NASA.
 +
* [http://www.giac.org/ GIAC Reports] - Look at the reports that people submitted for their GIAC certification. There are quite a few if you search for 'sleuth' or 'autopsy'.
 
* [[Licenses]]
 
* [[Licenses]]
  
All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.  
+
== Individual Tools ==
 +
This section contains links to articles on using specific Sleuth Kit tools. All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.  
  
 
Sleuthkit is a suite of forensic analysis tools.  Tools are grouped by their focus (e.g.: hash analysis, volume records, etc.).  Below are all tools grouped by their particular focus area.
 
Sleuthkit is a suite of forensic analysis tools.  Tools are grouped by their focus (e.g.: hash analysis, volume records, etc.).  Below are all tools grouped by their particular focus area.

Revision as of 15:28, 20 March 2008

This page contains links and references to help documents that were created by The Sleuth Kit and Autopsy users.

English Documents

Big Picture

This section contains links to articles on using The Sleuth Kit as a whole (i.e. the articles are not about a specific tool).

Individual Tools

This section contains links to articles on using specific Sleuth Kit tools. All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.

Sleuthkit is a suite of forensic analysis tools. Tools are grouped by their focus (e.g.: hash analysis, volume records, etc.). Below are all tools grouped by their particular focus area.

Focus Tools
Disk Tools disk_sreset, disk_stat
Volume System Tools mmls, mmstat
File System Tools (File Name Layer) fls, ffind
File System Tools (Meta Data Layer) icat, ifind, ils, istat
File System Tools (Data Layer) dcalc, dcat, dls, dstat
File System Tools (File System Layer) fsstat
File System Tools (Journal Layer) jcat, jls
Hash Database Tools hfind
Image Format Tools img_cat, img_stat
Time Line Tools mactime

Non-English Documents