Section 14

Forensics Tools

Detailed discussion of the various types and kinds of Forensics tools available and what their uses are is found in this section.

Keywords

Forensics tools; live capture; case management

The kinds of tools necessary for any forensics investigation always depend on the type of data, files, sources, and operating systems being reviewed. Each operating system has its own particulars of drivers, software libraries, and specific kernel code to be examined. Data refers to distinct pieces of digital information that have been formatted in a specific way. All the various data types have specific code and structure parameters associated with the actual bits and bytes of the data on the storage mechanism. Each dataset can have hidden ...

Get Computer Incident Response and Forensics Team Management now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.