mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-20 19:41:34 +01:00
3dac6b0851
Signed-off-by: David Spencer <idlemoor@slackbuilds.org> |
||
---|---|---|
.. | ||
README | ||
slack-desc | ||
sleuthkit.info | ||
sleuthkit.SlackBuild |
The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate disk images. The core functionality of TSK allows you to analyze volume and file system data. The plug-in framework allows you to incorporate additional modules to analyze file contents and build automated systems. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. Sleuthkit can optionally use libewf (for Expert Witness files) and afflib (for Advanced Forensic Format files). Note: If you are building TSK for use with Plaso or the DFVFS, it is strongly recommended that you build libewf support into TSK by installing libewf first.