BackTrack ready for use in forensics
I've known BackTrack for a while already, and it includes various nice tools for digital forensics. However, up till now, it was never 'good enough' for real forensic purposes, as it mounts drives etcetera. In BackTrack 4, this has changed, as you can now select to boot without swap and mounting drives.
Of course, as always, verify that it does what it says on the tin. But if it does, this is a very nice addition to a forensic or incident response toolkit. Forensic tools currently included in BackTrack are:
Of course, as always, verify that it does what it says on the tin. But if it does, this is a very nice addition to a forensic or incident response toolkit. Forensic tools currently included in BackTrack are:
AutopsyFor more info about BackTrack and the various other tools included, visit the website or book one of their excellent training classes.
dcfldd
Foremost
Magic Rescue
Mboxgrep
scalpel
Vinetto
Labels: digital forensics, incident handling
Post a Comment