SecBSD's official ports repository
commit
2c0afcbbf3
64331 changed files with 5339189 additions and 0 deletions
22
sysutils/sleuthkit/pkg/DESCR
Normal file
@ -0,0 +1,22 @@
The Sleuth Kit (previously known as TASK) is the only open
source forensic toolkit for a complete analysis of Microsoft
and UNIX file systems.
It enables investigators to identify and recover evidence from
images acquired during incident response or from live systems.
Some of its features :
* Analyzes images generated by the open source 'dd' utility,
found on all UNIX systems and available for Windows systems.
* Supports the NTFS, FAT, FFS, and EXT2FS file systems. Images
of a different endian ordering than the analysis system can
be used.
* The tools are organized in a layered approach, where the names
in each layer start with the same letter to help the user identify
the function of the tool. The layers include File System, File
Name (directory entries and NTFS index trees), Meta-Data (UNIX
inodes and NTFS MFT entries), and Content (blocks and clusters).
* Identifies deleted files by name and location.
* Identifies the status of content units (blocks and clusters)
and meta-data structures.
* Maps the relationship of objects across different layers.
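Review bot: The opening sentence of sysutils/sleuthkit/pkg/DESCR describes The Sleuth Kit as "the only open source forensic toolkit for a complete analysis of Microsoft and UNIX file systems", which is an absolute claim a package description cannot back up; suggest "an open source forensic toolkit for the analysis of Microsoft and UNIX file systems". The file system bullet (NTFS, FAT, FFS, EXT2FS) should be checked against what the version packaged by this port actually supports, since an examiner reading the description will take that list as the tool's coverage. Minor style point: "Some of its features :" has a stray space before the colon.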