- Digital Forensics with Kali Linux
- Shiva V.N.Parasram
- 273字
- 2021-07-02 21:33:37
Commercial tools available in the field of digital forensics
Although this book focuses on tools within the Kali Linux operating system, it’s important to recognize the commercially-available tools available to us, many of which you can download as trial or demo versions before determining a preference.
Because this book focuses primarily on open source tools, I'll just make mention of some of the more popular commercial tools available along with their homepages. The tools are listed only in alphabetical order and do not reflect any ratings, reviews, or the author's personal preference:
- EnCase? Forensic: https://www.guidancesoftware.com/encase-forensic
- F-Response: https://www.f-response.com/
- Forensic Toolkit: http://accessdata.com/products-services/forensic-toolkit-ftk
- Helix Enterprise: http://www.e-fense.com/h3-enterprise.php
- Magnet Axiom: https://www.magnetforensics.com/computer-forensics/
- X-Ways Forensics: http://www.x-ways.net/forensics/index-m.html
Many of the commercial tools available all allow for the following features and also offer several proprietary features, including:
- Write blocking
- Bit-by-bit or bit-stream copies and disk cloning/evidence cloning
- Forensically sound evidence acquisition
- Evidence preservation using hashes
- File recovery (hidden and deleted)
- Live and remote acquisition of evidence
- RAM and swap/paging file analysis
- Image mounting (supporting various formats)
- Advanced data and metadata (data about data) searches and filtering
- Bookmarking of files and sectors
- Hash and password cracking
- Automatic report generation
The main advantage of commercial tools is that they are usually automated and are actually a suite of tools that can almost always perform entire investigations, from start to finish, with a few clicks. Another advantage that I must mention is the support for the tools that are given with the purchase of a license. The developers of these tools also employ research and development teams to ensure constant testing and review of their current and new products.