Common Forensic Software Programs
After setting up the lab and the equipment, the next thing to address is the software. Several software tools are available that you might want to use in your forensic lab. This section takes a brief look at several commonly used tools. However, this section gives extra attention to Guidance Software’s EnCase and AccessData’s Forensic Toolkit because these two programs are very commonly used by law enforcement.
EnCase
EnCase from Guidance Software is a very widely used forensic toolkit. This tool allows the examiner to connect an Ethernet cable or null modem cable to a suspect machine and to view the data on that machine. EnCase prevents the examiner from making any accidental changes to the suspect machine. ...
Get System Forensics, Investigation, and Response, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
