The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Forensic Analysis Tool for Btrfs File System.
A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.
A fork of The Sleuthkit with XFS filesystem support. See PR https://github.com/sleuthkit/sleuthkit/pull/1476 for more info.
Collection of popular DFIR tools in a lightweight and fast docker image
NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select…
Python tool to extract File slacks from disk images.
A Bash script that utilizes The Sleuth Kit to recover directories in their entirety
Recover normal and deleted files from a partition
🕵️♂️ Unlock the story hidden in data - Your digital investigation partner. TheSleuthKit (TSK) Python Wrapper.
Solutions to some assignments of the Digital Forensics course that I took during my master's degree at UNIGE (University of Genova).
A collection of digital forensics lab reports covering Linux artifact recovery, shell history analysis, bash script forensics, and incident reconstruction using tools like SleuthKit, Auditd, and command-line utilities.
An interactive shell for The Sleuth Kit's fls tool.
Automatic Github Workflows packager for autopsy
This repository is a mirror of https://gitlab.com/sequence/connectors/tsk
Add a description, image, and links to the sleuthkit topic page so that developers can more easily learn about it.
To associate your repository with the sleuthkit topic, visit your repo's landing page and select "manage topics."