TSK Library User's Guide

From SleuthKitWiki
Revision as of 08:03, 25 April 2017 by Apriestman (Talk | contribs)

Jump to: navigation, search

This guide (which is a work in progress) is for developers that want to use the library part of The Sleuth Kit (TSK) in a program. TSK has both a static C/C++ library and a collection of command line tools that use the library. All of the functionality of the command line tools can be obtained from the library (and it is much more efficient to directly call the library instead of calling the individual tools and parsing the output.

Refer to the TSK Bindings page for details on how the TSK library can be accessed from other languages besides C/C++.

"Official" Documents

The term official is used very loosely here, but these are the documents that are shipped with TSK or have been published on the sleuthkit.org website. Note: Please do not remove links from this section because they could be the only links to the pages on the website.

  • User's Guide: The API spec has a User's Guide section that outlines how to use the library and how to get your build system setup.
  • API Specification: The API spec is automatically created from the source code and describes the public API functions and the arguments.
  • Samples: The source code comes with some sample skeleton code that uses the library to open a disk image and parse through the volumes and files.
  • Support: If you have questions, find bugs, or want to contribute patches then refer to the TSK support page for details on where to send questions or submit bugs and patches.

"External" Documents

These are documents that others have written on using the TSK library

  • (to be created...)