Digital Forensics Tools/Distros

chrisone Senior Member Posts: 2,144
I was researching digital forensics distros/platforms and came across several. Which ones are the best to use? Most recognized? I know there are many tools for different forensics analysis, but I am talking about the overall distros.

Digital Forensics Framework
Sleuth Kit + Autopsy
SANS SIFT (this distro is based on SANS courses)
EnCase (has certification) Tools require license/fees
AccessData FTK (has certification)
Kali Linux (distro has Autopsy, Digital Forensics Framework, Volatility, and others)

Aside from EnCase, most of these tools are freeware. So what's the verdict here? People use one? Two? Multiples of these tools during investigations? Any recommended books or courses?

Thanks!
