Exploring Guymager
On most forensic projects, you will work from an image, so first let's get an image to work with. Guymager is a forensic imager for media acquisition. It has a nice GUI and saves images out in several formats used in forensic imaging. The application will also make a clone of a drive. You can find Guymager in the Usual applications | System Tools menu:
Guymager has two modes of saving files:
- The acquire mode, where you might want an image for digital evidence.
- The clone mode, in case you need the entire partition duplicated.
The difference is, in acquire mode the image is digitally signed with a checksum and other information to ...
Get Kali Linux 2: Windows Penetration Testing now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
