asked on
Forensic Work
Hello I need to have a work creating an image of my hard drive could be like dd kind or any using Windows. These are the topics I need:
1.-Create the image of the hard drive in format dd or any format you suggest.What tool to use in Windows if there is free. I heard access data imager is good I think has cost.
2.-After create the image create the md5 hs from image and original HD to confirm was duplicated 100%. What tool to do thi in Windows free?
3.-Search in th image for files with the words "spell star".What tool to use in Windows free to search in the created image in format dd or any you suggested?
4.-Search in the image file for emails with the words "spell star".What tool in Windows to search in the created image in format with the words "spell star".
5.-For each tool to use in steps 1,2,3,4 if have the ability to store log files of each procedure step.
If somene can help to know what tools to use in each step by free if there are.
Thank you
1.-Create the image of the hard drive in format dd or any format you suggest.What tool to use in Windows if there is free. I heard access data imager is good I think has cost.
2.-After create the image create the md5 hs from image and original HD to confirm was duplicated 100%. What tool to do thi in Windows free?
3.-Search in th image for files with the words "spell star".What tool to use in Windows free to search in the created image in format dd or any you suggested?
4.-Search in the image file for emails with the words "spell star".What tool in Windows to search in the created image in format with the words "spell star".
5.-For each tool to use in steps 1,2,3,4 if have the ability to store log files of each procedure step.
If somene can help to know what tools to use in each step by free if there are.
Thank you
Digital ForensicsStorage SoftwareWindows OS
Last Comment
coerrace
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
I used FTK free version is very good for a free version has evertyhing and you can mount image or add evidence items inside itself and for emails an OST to PST converter reader and searcher
Thank you for all
Thank you for all
You can use something like DriveImage XML from Runtime.org,but you would need a write blocker of some sorts.