path: root/system/sleuthkit/README
author: Barry J. Grundy <bgrundyatlinuxleo.com> 2013-03-11 19:30:13 -0400
committer: dsomero <xgizzmo@slackbuilds.org> 2013-03-22 07:16:40 -0400
commit: d30c249588095443f15225c70d35f8099efff699
tree: 7652a6dcae09dcdd1384ed9ab71d29cac32dd073 /system/sleuthkit/README
parent: bb8798c4d225252f1ce5567708f3bb71570d1be0
system/sleuthkit: Updated for version 4.0.2.
Signed-off-by: dsomero <xgizzmo@slackbuilds.org>
Diffstat (limited to 'system/sleuthkit/README')
-rw-r--r-- system/sleuthkit/README 18
1 files changed, 11 insertions, 7 deletions
diff --git a/system/sleuthkit/README b/system/sleuthkit/README
index 0d3bcb40ceafa..f64c370f72164 100644
--- a/system/sleuthkit/README
+++ b/system/sleuthkit/README
@@ -1,8 +1,12 @@
-The Sleuth Kit is an open source forensic toolkit for analyzing
-Microsoft and UNIX file systems and disks. The Sleuth Kit enables
-investigators to identify and recover evidence from images
-acquired during incident response or from live systems. The
-Sleuth Kit is open source, which allows investigators to verify
-the actions of the tool or customize it to specific needs.
+The Sleuth Kit (TSK) is a library and collection of command line
+tools that allow you to investigate disk images. The core
+functionality of TSK allows you to analyze volume and file system
+data. The plug-in framework allows you to incorporate additional
+modules to analyze file contents and build automated systems. The
+library can be incorporated into larger digital forensics tools and
+the command line tools can be directly used to find evidence.
-Sleuthkit can use libewf and afflib.
+
+Sleuthkit can optionally use libewf (for Expert Witness files)
+and afflib (for Advanced Forensic Format files). Both are available
+in SBo.
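Review bot: In the last added lines, "can optionally use libewf ... and afflib" does not tell the reader how the optional support gets enabled, for example whether the libraries have to be installed before the SlackBuild is run; one short sentence stating that would save users a rebuild. The same lines spell the name "Sleuthkit" while the new first paragraph uses "The Sleuth Kit (TSK)", so one form should be used throughout. The rewritten description also drops the old text's mention of "Microsoft and UNIX file systems"; keeping that in a clause would still tell readers which file systems the tools can analyze.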