Data Carving: Recovering deleted files from unallocated space by using PhotoRec.
Web Artifacts: Extracting bookmarks, history, and cookies from web browsers.
Keyword Search: Indexed keyword search makes file search easier.
Hash Filtering: Flags known bad files and overlooks known good files.
Timeline Analysis: Advanced interface for graphical event viewing.
Autopsy is a digital forensics platform that efficiently analyzes smartphones and hard disks. It is used worldwide by a large number of users, including law enforcement agencies, the military, and corporations to carry out investigations on a computer system. It has an easy-to-use interface, processes data fast, and is cost-effective.

Sleuth Kit is a collection that consists of command line tools and a C library allowing the analysis of disk images and file recovery. It is used at the back end in the Autopsy tool.

Pros: Better utilization of memory, modern forensic tools and techniques, expanded file system support.
Choice to install stand-alone via (.iso) or use via VMware Player/Workstation.
Cross-compatibility between Windows and Linux.
VMware appliance ready to tackle forensics.
Auto-DFIR package update and customization.
These are multipurpose forensic toolkits that can carry out a number of detailed digital forensic tasks.

SANS Investigative Forensic Toolkit (SIFT)

Based on Ubuntu, SIFT has all the important tools needed to carry out a detailed forensic analysis or incident response study. It supports analysis in advanced forensic format (AFF), expert witness format (E01) and RAW evidence (DD) format. It comes with tools to carve data files, generate timelines from system logs, examine recycle bins, and much more. SIFT provides user documentation that allows you to get accustomed to the available tools and their usage. It also explains where evidence can be found on a system. Tools can be opened manually from the terminal window or with the help of the top menu bar. Having more than 100,000 downloads to date, SIFT continues to be a widely used open-source forensic and incident response tool.