SANS Digital Forensics and Incident Response Blog: Daily Archives: Jun 03, 2010

Digital Forensics Case Leads: FTK's updates

Whether you use FTK or Encase, commercial products have incredible functionality that can be utilized in conjunction with open source computer forensics tools.For this week's Digital Forensics Case Leads, I wanted to focus on the updates to FTK. With commercial based products, just like with open source, it is a matter of preference which tool you want to add to you forensic arsenal.

Tools:

  • Forensic Toolkit (FTK') version3.1.2 was released May 17th with a 'New and Improved'section including 'View This Item in a Different List' feature that allows the user to right click on a folder, then go to that folder in a Graphics tab and see the files inside as well asimproved identification of JavaScript Object Notation (JSON) files such as those found in programs like FaceBook.
  • For the Password Recovery Toolkit'(PRTK') version6.5.1,and Distributed

...