swinfosec
Open Source Programs for Forensic Investigations?
I am looking to find some open source tools for forensic investigations. I was wondering whether there are any industry-wide recognized programs that would hold up in a court of law. I especially need one relating to network drive acquisition that can grab drives from non-local drive locations. It does not matter if they are command line or not. Command line might almost be preferred due to its ability to be included in a batch file itself.
ASKER
I was just looking up alternatives to commercial software such as FTK or EnCase. There is not an actual need for me working on a case. I just wanted to familiarize myself with open source applications that could be used.
Hi swinfosec,
I agree with MalleusMaleficarum; among the various open source tools, Helix is one of the best and handiest.
Also, if you want, just have a look at the project called CAINE; it's nice and simple.
CAINE (Computer Aided INvestigative Environment) is a GNU/Linux live distribution created by Giancarlo Giustini as a project of Digital Forensics for Interdepartment Center for Research on Security (CRIS), supported by the University of Modena and Reggio Emilia.
CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.
http://www.caine-live.net/
How to do a forensic analysis goes way beyond anything I could answer here....
As far as software.... I've always used WinHex, now called X-Ways...
http://www.x-ways.net/winhex/index-m.html
http://www.x-ways.net/forensics/index-m.html