Time to talk about digital forensics! As a graduate student in this area, I think it is very important to try some different tools other than the famous commercial software like FTK or EnCase. Open source software is even greater since it is possible to look at the inner mechanisms of digital forensic tools, which is definitely a great learning experience.
The Sleuth Kit® is one such open source digital forensic tool. It is a set of useful programs designed for basic digital forensic investigation. The main developer of this software is Brian Carrier. One thing worth noting is that he’s also the author of File System Forensic Analysis, a great book explaining file systems in detail. This book can be found here.
Below is my experience of setting up the environment and installing the Sleuth Kit (TSK) on a Debian-based Linux system such as Ubuntu. The actual process may be different on different machines. The operating system I used is Ubuntu 14.04. I hope the differences in OS version and packages won’t cause too much trouble.