mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-29 13:00:32 +01:00
f84a4648ae
Signed-off-by: B. Watson <yalhcru@gmail.com> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org> |
||
---|---|---|
.. | ||
README | ||
slack-desc | ||
sleuthkit.info | ||
sleuthkit.SlackBuild |
The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate disk images. The core functionality of TSK allows you to analyze volume and file system data. The plug-in framework allows you to incorporate additional modules to analyze file contents and build automated systems. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. Sleuthkit can optionally use the following libraries to support various disk image formats: - libewf (for Expert Witness files) - afflib (for Advanced Forensic Format files). - libvhdi - libvmdk Note: If you are building TSK for use with Plaso or the DFVFS, it is strongly recommended that you build libewf, libvhdi and libvmdk support into TSK by installing those libraries first. Note: by default, Java support is disabled in this build. If you require Java support, install a JDK (jdk, openjdk8, etc), source its profile script, and run sleuthkit.SlackBuild with JAVA=yes in the environment. Be warned that the Java build process downloads many files, therefore it requires network access (something SlackBuild scripts normally don't do).