[sleuthkit-announce] TSK 3.2.0b1 available
Brought to you by:
carrier
Menu
▾
▴
[sleuthkit-announce] TSK 3.2.0b1 available
|
From: Brian C. <ca...@sl...> - 2010-09-19 01:05:49
|
A 3.2.0 beta release is available at: http://sleuthkit.org/betas/ This has some bug fixes and new features. The big group of new features is centered around a new automation class. It makes it much easier to write applications that can go through a disk image and look at all of the files. There are three new tools with the new class: - tsk_loaddb: Analyzes a disk image and loads all of the details into a SQLite database for later analysis. - tsk_comparedir: Compares a local directory structure to a disk image or raw device. This can be used for either looking for rootkits (by comparing a local directory with the corresponding raw device) or testing TSK. - tsk_recover: Recovers the deleted files in a image and extracts them to a local directory hierarchy. This has been a common request over the years. I still need to work on some man / wiki pages for all of these tools, but they all have a usage statement for you to start with. brian |
