Forensic Toolkit: Difference between revisions
Content deleted Content added
Vmanoussos (talk | contribs) m FTK Imager info |
|||
| Line 17: | Line 17: | ||
'''Forensic Toolkit''', or FTK, is a [[computer forensics]] software made by [[AccessData]]. It scans a hard drive looking for various information.<ref name="wired">{{cite web|url=http://www.wired.com/politics/security/commentary/securitymatters/2007/01/72458?currentPage=3|title=Secure Passwords Keep You Safer|last=Schneier|authorlink=Bruce Schneier|first=Bruce|date=2007-11-01|publisher=[[Wired (magazine)|Wired]]|page=3|accessdate=2009-01-12}}</ref> It can for example locate deleted emails<ref name="Dixon">{{cite journal|last=Dixon|first=Phillip D.|date=December 2005|title=An overview of computer forensics|journal=IEEE Potentials|publisher=[[IEEE]]|volume=24|issue=5|page=8|issn=0278-6648|url=http://www.phillipdixon.net/PDForensics.pdf|accessdate=2009-01-12}}</ref> and scan a disk for text strings to use them as a [[password dictionary]] to crack encryption.<ref name="Casey">{{cite journal|last=Casey|first=Eoghan|date=Fall 2002|title=Practical Approaches to Recovering Encrypted Digital Evidence|journal=International Journal of Digital Evidence|publisher=Economic Crime Institute, [[Utica College]]|location=[[Utica, New York]]|volume=1|issue=3|page=12|issn=1938-0917 |url=http://people.emich.edu/pstephen/other_papers/Recovering%20Encrypted%20Digital%20Evidence.pdf|accessdate=2009-01-12}}</ref> |
'''Forensic Toolkit''', or FTK, is a [[computer forensics]] software made by [[AccessData]]. It scans a hard drive looking for various information.<ref name="wired">{{cite web|url=http://www.wired.com/politics/security/commentary/securitymatters/2007/01/72458?currentPage=3|title=Secure Passwords Keep You Safer|last=Schneier|authorlink=Bruce Schneier|first=Bruce|date=2007-11-01|publisher=[[Wired (magazine)|Wired]]|page=3|accessdate=2009-01-12}}</ref> It can for example locate deleted emails<ref name="Dixon">{{cite journal|last=Dixon|first=Phillip D.|date=December 2005|title=An overview of computer forensics|journal=IEEE Potentials|publisher=[[IEEE]]|volume=24|issue=5|page=8|issn=0278-6648|url=http://www.phillipdixon.net/PDForensics.pdf|accessdate=2009-01-12}}</ref> and scan a disk for text strings to use them as a [[password dictionary]] to crack encryption.<ref name="Casey">{{cite journal|last=Casey|first=Eoghan|date=Fall 2002|title=Practical Approaches to Recovering Encrypted Digital Evidence|journal=International Journal of Digital Evidence|publisher=Economic Crime Institute, [[Utica College]]|location=[[Utica, New York]]|volume=1|issue=3|page=12|issn=1938-0917 |url=http://people.emich.edu/pstephen/other_papers/Recovering%20Encrypted%20Digital%20Evidence.pdf|accessdate=2009-01-12}}</ref> |
||
The toolkit also includes a standalone [[Disk_imaging#Hard_drive_imaging|disk imaging]] program called '''FTK Imager'''.{{fact|date=July 2010}} |
The toolkit also includes a standalone [[Disk_imaging#Hard_drive_imaging|disk imaging]] program called '''FTK Imager'''. The FTK Imager is a simple but concise tool. It saves an image of a hard disk in one file or in segments that may be later on reconstructed. It calclates MD5 hash values and confirms the integrity of the data before closing the files. The result is a DD raw image.{{fact|date=July 2010}} |
||
== References == |
== References == |
||
Revision as of 03:32, 21 January 2011
.jpg) | |
| Developer(s) | AccessData |
|---|---|
| Stable release | 3.2.0
/ October 12, 2010 |
| Operating system | Windows |
| Available in | English |
| Type | Computer forensics |
| Website | http://www.accessdata.com/forensictoolkit.html |
Forensic Toolkit, or FTK, is a computer forensics software made by AccessData. It scans a hard drive looking for various information.[1] It can for example locate deleted emails[2] and scan a disk for text strings to use them as a password dictionary to crack encryption.[3]
The toolkit also includes a standalone disk imaging program called FTK Imager. The FTK Imager is a simple but concise tool. It saves an image of a hard disk in one file or in segments that may be later on reconstructed. It calclates MD5 hash values and confirms the integrity of the data before closing the files. The result is a DD raw image.[citation needed]
References
- ^ Schneier, Bruce (2007-11-01). "Secure Passwords Keep You Safer". Wired. p. 3. Retrieved 2009-01-12.
- ^ Dixon, Phillip D. (December 2005). "An overview of computer forensics" (PDF). IEEE Potentials. 24 (5). IEEE: 8. ISSN 0278-6648. Retrieved 2009-01-12.
- ^ Casey, Eoghan (Fall 2002). "Practical Approaches to Recovering Encrypted Digital Evidence" (PDF). International Journal of Digital Evidence. 1 (3). Utica, New York: Economic Crime Institute, Utica College: 12. ISSN 1938-0917. Retrieved 2009-01-12.
External links
 | This software article is a stub. You can help Wikipedia by expanding it. |