Difference between revisions of "Reference Documents"

From SleuthKitWiki
Jump to: navigation, search
Line 7: Line 7:
  
  
=General Digital Investigation Pages=
+
=General Digital Investigation Sites=
 
(in alphabetical order)
 
(in alphabetical order)
 
* [http://www.forensix.org/ Computer Forensics, Cybercrime and Steganography Resources]
 
* [http://www.forensix.org/ Computer Forensics, Cybercrime and Steganography Resources]
 
* [http://www.e-evidence.info/ E-Evidence Info]
 
* [http://www.e-evidence.info/ E-Evidence Info]
 +
* [http://www.forensicswiki.org/ Forensics Wiki]
 
* [http://www.linux-forensics.com/ Linux-Forensics]
 
* [http://www.linux-forensics.com/ Linux-Forensics]
 
* [http://www.opensourceforensics.org/ Open Source Forensics]
 
* [http://www.opensourceforensics.org/ Open Source Forensics]

Revision as of 20:10, 5 June 2007

Tools and Libraries that are used by The Sleuth Kit

(in alphabetical order)

  • AFFLib (AFF image format support)
  • file (detects file type)
  • libewf (EnCase / Expert Witness image format support)


General Digital Investigation Sites

(in alphabetical order)


Forensic Tool Testing

(in alphabetical order)


Bootable CDs (without The Sleuth Kit)

(in alphabetical order)


UNIX-based File System Analysis Tools

File Hash Databases

(in alphabetical order)

File System Documents

File System Forensic Analysis

NTFS

FAT

EXT2FS

EXT3FS

  • EXT3, Journaling Filesystem (Tweedie)

Volume System Documents

(in alphabetical order)

Disk Acquisition Tools

(in alphabetical order)