sleuthkit

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital...

翻译 - SleuthKit®（TSK）是命令行数字取证工具的库和集合，使您可以研究卷和文件系统数据。该库可以合并到较大的数字取证工具中，并且可以直接使用命令行工具查找证据。

An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.

Forensic Analysis Tool for Btrfs File System.

An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.

A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.

Collection of popular DFIR tools in a lightweight and fast docker image

NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Del...

Python tool to extract File slacks from disk images.

Forensic Inode Analysis

Linux command line thumbstick file recovery script using SleuthKit

A Bash script that utilizes The Sleuth Kit to recover directories in their entirety

Recover normal and deleted files from a partition

Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.

Solutions to some assignments of the Digital Forensics course that I took during my master's degree at UNIGE (University of Genova).

Automatic Github Workflows packager for autopsy

An interactive shell for The Sleuth Kit's fls tool.

This repository is a mirror of https://gitlab.com/sequence/connectors/tsk