Date: Fri, 29 Mar 2024 03:38:50 -0400 (EDT)
Message-ID: <600678217.30000.1711697930757@lyrasis1-roc-mp1>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_29999_293764138.1711697930755"
------=_Part_29999_293764138.1711697930755
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
Tools
Tools
- Tool Scenarios, Specifications, Requests (e.g. I would really l=
ike a tool to do x, y and z...)
- Pre-SIP Tools and Workflow
- AccessData FTK (=
Forensic Toolkit)=20
- Description: FTK is designed for law enforcement officials and corporat=
e security and IT professionals who need to access and evaluate the evident=
iary value of files, folders, and computers. However, the bookmarks and lab=
els functions which help investigators to organize the evidence they select=
ed are equally applicable to the organization of the whole born digital col=
lection. The pattern and full text search functions which are used to find =
particular evidence are equally applicable to search for restricted materia=
ls.
- Availability: Now. http://accessdata.co=
m/products/computer-forensics/ftk
- License: Proprietary
- Developers: AccessData Group
- First release:
- Current release: 3.3
- See YouTube video on the use of AccessData FTK to extract technica=
l metadata and to assign descriptive metadata to collections at <=
a class=3D"external-link" href=3D"http://www.google.com/url?sa=3DD&q=3D=
http://www.youtube.com/watch%3Fv%3DhDAhbR8dyp8" rel=3D"nofollow">http://www=
.youtube.com/watch?v=3DhDAhbR8dyp8
-
- Bulk Extractor
- Description: "a C++ program that scans a disk image, a file, or a direc=
tory of files and extracts useful information without parsing the file syst=
em or file system structures". For sample output, see http://www.forensicswiki.org/wiki/Bulk_extractor
- Availability:
- License:
- Developers:
- First release: September, 2008?
- Current release:
- Gumshoe
- description: Gumshoe is a Rails-based application for searching metadat=
a from disk images. It relies on Blacklight, Solr, and =
fiwalk.
- Availability:
- License:
- Developers: Mark Matienzo
- First release:
- Current release:
-
- fiwalk=20
- sleuthkit=20
- description: The Sleuth Kit (TSK) is a library and collection of comman=
d line tools that allow you to investigate volume and file system data. The=
library can be incorporated into larger digital forensics tools and the co=
mmand line tools can be directly used to find evidence. You can use it with=
the Autopsy Forensic Browser.
- Availability: download here.
- License: Some of the files have roots in The Coroner's Toolkit (TCT) an=
d are distributed under the IBM Public License. Thes=
e files are limited to the file system code and mainly for the FFS and Ext2=
file systems. Files that have been created since the fork are released und=
er the Common Public License. This includes all othe=
r files in the library. Note that the Common Public License is a generic fo=
rm of the IBM Public License. TSK also distributes a striped down copy of G=
NU binutils
strings
, which has a GPL 2li=
cense.
- Developers:
- First release:
- Current release: 3.2.1 (February, 27, 2011)
- autopsy=20
- guymager (imaging tool)
-
- ddrescue a raw disk imaging tool that =
"copies data from one file or block device to another, trying hard to rescu=
e data in case of read errors." See more info from forensics wiki here: http://www.forensicswiki.org/wiki/Ddrescue
- Email tools=20
- CERP email parser
- PeDALS PST parser
- SIP Tools and Workflows
- Curator's Workbench
- Description: The Curator's Workbench is an extensible, multi-platform d=
igital collection and appraisal tool for the desktop. It is designed to acq=
uire and process batch data efficiently while giving the user control over =
work flow.
- Available for download for Mac, PC and Linux here.
- License: free and open source under Apache 2
- Developers: Greg Jansen at University of North Carolina at Chapel Hill<=
/li>
- First release: December 2010
- Current Release:
- AIP Tools and Workflows
- Archivematica
- Description: Archivematica is a comprehensive digital preservation system. Archivematica uses a micro-services design pattern to provide an inte=
grated suite of free and open-source tools that allows users to process dig=
ital objects from ingest to access in compliance with the ISO-OAIS function=
al model.
- Availability: available for download via virtual appliance, live USB, l=
ive DVD or a checkout from Subversion here.
- License: free and open source under GPL version 2
- Developers: Artefactual Systems
- First release:
- Current release:
------=_Part_29999_293764138.1711697930755--