Posts

Creating a Forensic Image

Let's begin by creating an image copy of the original evidence.

Forensic imaging is one of the most crucial steps in a digital forensic investigation. It is the process of making an archival or backup copy of the entire hard drive. The image is a storage file that contains all the information necessary to boot to the operating system. However, the disk image must be applied to a hard drive to work: one cannot restore a hard drive by simply placing the disk image files on it, because the image needs to be opened and installed on the drive using an imaging program. A single hard drive can store many disk images. Disk images can also be stored on flash drives with a larger capacity.

Open FTK Imager by AccessData after installing it, and you will see the window that the tool opens to first. To create a disk image, click File > Create Disk Image. You can then choose the source based on the drive you have. It can be a physical or a logical drive, depending on your evidence. A  Physical Dr...

About AccessData FTK Imager

FTK Imager is an open-source software by AccessData that is used for creating accurate copies of the original evidence without making any changes to it. The image of the original evidence remains the same, and the tool allows us to copy data at a much faster rate, so that it can soon be preserved and analyzed further. FTK Imager also provides a built-in integrity-checking function that generates a hash report, which helps in matching the hash of the evidence before and after creating the image of the original evidence.

Table of Contents
Creating a Forensic Image
Capturing Memory
Analyzing Image dump
Mounting Image to Drive
Custom Content Image using AD encryption
Decrypt AD Encryption
Obtain Protected Files
Detect EFS Encryption
Export Files

Best digital forensics tool: Autopsy tool

Autopsy is computer software that makes it simpler to deploy many of the open source programs and plugins used in The Sleuth Kit. The graphical user interface displays the results from the forensic search of the underlying volume, making it easier for investigators to flag pertinent sections of data. The tool is largely maintained by Basis Technology Corp. with the assistance of programmers from the community. The company sells support services and training for using the product.