Difference between revisions of "Help Documents"

From SleuthKitWiki
Jump to: navigation, search
m
m (Reformatted.)
Line 9: Line 9:
 
All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.  
 
All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.  
  
==Disk Tools:==
+
Sleuthkit is a suite of forensic analysis tools.  Tools are grouped by their focus (e.g.: hash analysis, volume records, etc.).  Below are all tools grouped by their particular focus area.
* [[disk_sreset]]
+
 
* [[disk_stat]]
+
{| border="1" cellpadding="5" valign="top"
==Volume System Tools:==
+
|-
* [[mmls]]
+
!Focus
* [[mmstat]]
+
!Tools
==File System Tools (File Name Layer):==
+
|-
* [[fls]]
+
| Disk Tools || [[disk_sreset]], [[disk_stat]]
* [[ffind]]
+
|-
==File System Tools (Meta Data Layer):==
+
| Volume System Tools || [[mmls]], [[mmstat]]
* [[icat]]
+
|-
* [[ifind]]
+
| File System Tools (File Name Layer) || [[fls]], [[ffind]]
* [[ils]]
+
|-
* [[istat]]
+
| File System Tools (Meta Data Layer) || [[icat]], [[ifind]], [[ils]], [[istat]]
==File System Tools (Data Layer)==
+
|-
* [[dcalc]]
+
| File System Tools (Data Layer) || [[dcalc]], [[dcat]], [[dls]], [[dstat]]
* [[dcat]]
+
|-
* [[dls]]
+
| File System Tools (File System Layer) || [[fsstat]]
* [[dstat]]
+
|-
==File System Tools (File System Layer)==
+
| File System Tools (Journal Layer) || [[jcat]], [[jls]]
* [[fsstat]]
+
|-
==File System Tools (Journal Layer)==
+
| Hash Database Tools || [[hfind]]
* [[jcat]]
+
|-
* [[jls]]
+
| Image Format Tools || [[img_cat]], [[img_stat]]
==Hash Database Tools==
+
|-
* [[hfind]]
+
|Time Line Tools || [[mactime]]
==Image Format Tools==
+
* A description of the [[mac-robber output]]
* [[img_cat]]
+
|}
* [[img_stat]]
+
==Time Line Tools==
+
* [[mactime]]
+
** A description of the [[mac-robber output]]  
+
  
 
=Non-English Documents=
 
=Non-English Documents=
 
* [http://www.monyo.com/technical/unix/TASK/autopsy-help-ja/ Japanese help by Motonobu Takahashi]
 
* [http://www.monyo.com/technical/unix/TASK/autopsy-help-ja/ Japanese help by Motonobu Takahashi]
 
* [http://alonsocaballero.informatizate.net/archivos/autopsy_reydes.pdf Documentación de Autopsy en español por Alonso E. Caballero Quezada]
 
* [http://alonsocaballero.informatizate.net/archivos/autopsy_reydes.pdf Documentación de Autopsy en español por Alonso E. Caballero Quezada]

Revision as of 14:40, 17 November 2007

This page contains links and references to help documents that were created by The Sleuth Kit and Autopsy users.

English Documents

All of the tools have a description on the main sleuthkit.org page, but the links below are for the new wiki home.

Sleuthkit is a suite of forensic analysis tools. Tools are grouped by their focus (e.g.: hash analysis, volume records, etc.). Below are all tools grouped by their particular focus area.

Focus Tools
Disk Tools disk_sreset, disk_stat
Volume System Tools mmls, mmstat
File System Tools (File Name Layer) fls, ffind
File System Tools (Meta Data Layer) icat, ifind, ils, istat
File System Tools (Data Layer) dcalc, dcat, dls, dstat
File System Tools (File System Layer) fsstat
File System Tools (Journal Layer) jcat, jls
Hash Database Tools hfind
Image Format Tools img_cat, img_stat
Time Line Tools mactime

Non-English Documents