Digital Forensics Tools/Distros
I was researching digital forensics distros/platforms and came across several. Which ones are the best to use? most recognized? I know there are many tools for different forensics analysis but I am talking about the overall distros.
Digital Forensics Framework
Sleuth kit +Autopsy
SANS SIFT (this is distro is based on SANS courses)
EnCase (has certification) Tools require license/fees
AccessData FTK (has certification)
Kali Linux (distro has autopsy, Digital Forensics Framework, volatility, and others)
Aside from EnCase, most of these tools are freeware. So whats the verdict here? people use one? two? multiples of these tools during investigations? Any recommended books or courses?
Thanks!
Digital Forensics Framework
Sleuth kit +Autopsy
SANS SIFT (this is distro is based on SANS courses)
EnCase (has certification) Tools require license/fees
AccessData FTK (has certification)
Kali Linux (distro has autopsy, Digital Forensics Framework, volatility, and others)
Aside from EnCase, most of these tools are freeware. So whats the verdict here? people use one? two? multiples of these tools during investigations? Any recommended books or courses?
Thanks!
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX
2023 Cert Goals: SC-100, eCPTX
Comments
Use the best tool for the job, you aren't going to find a one size fits all cases platform.
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GCWN | GSE
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
Also, it depends on how much money you have.
What is your goal here?
DEFT Linux - Computer Forensics live CD |