TASK 1.51 and Autopsy 1.61 are now available.
TASK: http://www.atstake.com/research/tools/task
Autopsy: http://www.atstake.com/research/tools/autopsy
Summary of Changes:
TASK:
- fixed 2 bugs with the NTFS code that generated errors. They had to do
with $MFT and fragmentation (details in CHANGES).
- Updated the version of 'file' that is included
- Added flag to some tools for time skew in seconds. This makes it easier
to correlate data between multiple sources that do not have NTP.
Autopsy:
- improved error messages and minor updates
Tool Descriptions:
The @stake Sleuth Kit (TASK) is an open source collection of file
system forensic analysis tools for Windows and UNIX file systems.
TASK allows one to view allocated and deleted data from NTFS, FAT,
FFS, and EXT2FS images.
The Autopsy Forensic Browser is a graphical interface to the command
line tools in TASK. Autopsy allows one to view allocated and deleted
file system content in a "File Manager" style interface and perform
keyword searches.
brian
|
