This page outlines how to use git to get the Sleuth Kit source code. It assumes basic familiarity with git, but maybe not all of the nuances of working with git submodules.

Getting a Read Only Copy of Sleuth Kit Core

If you only want to get a copy of the core TSK (i.e. not the framework) and do not intend to make updates, then clone the main repository:

git clone git://github.com/sleuthkit/sleuthkit.git

This will download the basics of the framework, but not the modules.

Getting a Read/Write Copy of Sleuth Kit Core

If you want to modify the code and submit changes, then fork the github repository into your own github account. Make changes there and submit a pull request.

Sleuth Kit Framework

Submodules

If you want to fully build TSK and the framework, then you'll need to also pull in the submodules. The C++ modules that run inside of the framework are in separate repositories. The framework code uses git submodules to bring those modules into the framework.

For example, the module that opens ZIP files is named c_ZIPExtractionModule. It has its own [ https://github.com/sleuthkit/c_ZIPExtractionModule | repository]. The sleuthkit git repository includes the ZIP extraction module using git submodules into the 'framework/TskModules/c_ZIPExtractionModule' folder. There are several submodules in that folder.

Cloning

To get all of the submodules from the clone, you should use --recursive. For example, to clone the official repo you would use:

git clone --recursive git://github.com/sleuthkit/sleuthkit.git

Otherwise, you will need to use:

git submodule init
git submodule update

You will also need to use '--recursive' if you forked the main repository and are working from that.