author | Barry J. Grundy <bgrundyatlinuxleo.com> | 2013-03-11 19:30:13 -0400 |
---|---|---|
committer | dsomero <xgizzmo@slackbuilds.org> | 2013-03-22 07:16:40 -0400 |
commit | d30c249588095443f15225c70d35f8099efff699 (patch) | |
tree | 7652a6dcae09dcdd1384ed9ab71d29cac32dd073 /system/sleuthkit/README | |
parent | bb8798c4d225252f1ce5567708f3bb71570d1be0 (diff) |
system/sleuthkit: Updated for version 4.0.2.
Signed-off-by: dsomero <xgizzmo@slackbuilds.org>
Diffstat (limited to 'system/sleuthkit/README')
-rw-r--r-- | system/sleuthkit/README | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/system/sleuthkit/README b/system/sleuthkit/README index 0d3bcb40ceafa..f64c370f72164 100644 --- a/system/sleuthkit/README +++ b/system/sleuthkit/README @@ -1,8 +1,12 @@ -The Sleuth Kit is an open source forensic toolkit for analyzing -Microsoft and UNIX file systems and disks. The Sleuth Kit enables -investigators to identify and recover evidence from images -acquired during incident response or from live systems. The -Sleuth Kit is open source, which allows investigators to verify -the actions of the tool or customize it to specific needs. +The Sleuth Kit (TSK) is a library and collection of command line +tools that allow you to investigate disk images. The core +functionality of TSK allows you to analyze volume and file system +data. The plug-in framework allows you to incorporate additional +modules to analyze file contents and build automated systems. The +library can be incorporated into larger digital forensics tools and +the command line tools can be directly used to find evidence. -Sleuthkit can use libewf and afflib. + +Sleuthkit can optionally use libewf (for Expert Witness files) +and afflib (for Advanced Forensic Format files). Both are available +in SBo. |
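Review bot: The closing paragraph of the new README ("Sleuthkit can optionally use libewf ... and afflib ...") names the optional dependencies but does not say how the support gets enabled. Please state whether libewf and afflib must be installed before sleuthkit is built for Expert Witness and AFF image support to be included, since someone who adds them afterwards may otherwise expect those image formats to open without a rebuild. A minor style point in the same paragraph: it uses "Sleuthkit" while the rewritten first paragraph introduces "The Sleuth Kit (TSK)"; using one name throughout would read more cleanly.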