Downloads

Download The Sleuth Kit 1.71

By admin
Spread the love

The program The Sleuth Kit is a collection of a number of forensic tools that can be used to take a closer look at the hard drive. It is possible to recover or partially view several deleted files. The program is written in C and Perl and has been tested on Linux, MacOS X, OpenBSD, FreeBSD, Solaris and Cygwin. Support for NTFS, FAT, FFS, EXT2FS and EXT3FS is provided. Recently version 1.71 is available with the following changelog:

Bug Fixes:

  • Type / size casting errors with FAT.
  • NTFS handling of sparse files
  • Filler errors with NTFS files and ‘icat’ (rare)
  • Missing name with NTFS attribute (rare)

Major Updates:

  • Improved istat & fsstat output for NTFS.
  • ‘ifind -p’ will find deleted NTFS files based on their parent directory, which results in more deleted files being found.
  • Encrypted and compressed files are noted, but not processed.
  • Improved slack support in dls -s.
  • dcalc can calculate original location of data in dls -s output.
  • GPT disk support in mmls.

[break]Note that this program works via a command line. A graphical interface is also available under the name Autopsy Forensic Browser.

Version number 1.71
Operating systems Linux, BSD, macOS, Solaris
Website The Sleuth Kit
Download
License type Conditions (GNU/BSD/etc.)
You might also like
Apps

These two new Apple apps can now be tested

Apps

Popular apps Pixelmator and Photomator are now from Apple

News

MacOS Sequoia 15.3.1 is out: what’s new for your Mac?

News

iOS 18.3.1 is out (and this is why you have to update)

News

WatchOS 11 is out: This update makes your heart beat faster

News

Rumor: Apple is working on its own applications based on a large language model