mirror of
https://github.com/Ponce/slackbuilds
synced 2024-12-02 13:04:42 +01:00
f84a4648ae
Signed-off-by: B. Watson <yalhcru@gmail.com> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
25 lines
1.2 KiB
Text
25 lines
1.2 KiB
Text
The Sleuth Kit (TSK) is a library and collection of command line
|
|
tools that allow you to investigate disk images. The core
|
|
functionality of TSK allows you to analyze volume and file system
|
|
data. The plug-in framework allows you to incorporate additional
|
|
modules to analyze file contents and build automated systems. The
|
|
library can be incorporated into larger digital forensics tools and
|
|
the command line tools can be directly used to find evidence.
|
|
|
|
Sleuthkit can optionally use the following libraries to support
|
|
various disk image formats:
|
|
- libewf (for Expert Witness files)
|
|
- afflib (for Advanced Forensic Format files).
|
|
- libvhdi
|
|
- libvmdk
|
|
|
|
Note: If you are building TSK for use with Plaso or the DFVFS, it is
|
|
strongly recommended that you build libewf, libvhdi and libvmdk
|
|
support into TSK by installing those libraries first.
|
|
|
|
Note: by default, Java support is disabled in this build. If you
|
|
require Java support, install a JDK (jdk, openjdk8, etc), source its
|
|
profile script, and run sleuthkit.SlackBuild with JAVA=yes in the
|
|
environment. Be warned that the Java build process downloads many
|
|
files, therefore it requires network access (something SlackBuild
|
|
scripts normally don't do).
|