Conduct Specialist Investigations with Digital Forensics Tools

Digital Forensics

Digital forensics is a specialist art. It allows investigations to be undertaken without modifying the media. Being able to preserve and analyze data in a safe and non-destructive way is crucial when using digital evidence as part of an investigation, and even more so when a legal audit trail needs to be maintained. Digital forensics can be used in a wide range of investigations such as computer intrusion, unauthorised use of computers including the violation of an organisation’s internet-usage policy, gathering intelligence from documents and emails, as well as the protection of corporate assets.

We have extolled the virtues of open source software in many of our previous articles. The debate between open source and closed source software has often centered on factors such as freedom, reliability, interoperability and open standards, support, and philosophy.

In this instance, open source software offers a legal benefit, as it can increase the admissibility of digital forensic evidence. This is because open source tools enable the investigator and the court to verify that a tool does what it claims, and make it easier to prove that neither the original drive nor a copy of it has been modified.

Digital Forensics Tools
GRR Rapid Response: Incident response framework focused on remote live forensics
Radare2: Portable reversing framework
The Sleuth Kit: Library and collection of command line tools to investigate disk images
Autopsy: Digital forensics platform and graphical interface to The Sleuth Kit
Volatility: Extraction of digital artifacts from volatile memory (RAM) samples
dcfldd: Enhanced version of dd with features useful for forensics and security