Software Update: The Sleuth Kit 4.6.3


The Sleuth Kit is a collection of forensic tools for taking a closer look at a hard drive, which makes it possible to recover or partially view deleted files. It supports the ntfs, fat, exfat, ufs1, ufs2, ext2fs, ext3fs, ext4, hfs, yaffs2, and iso 9660 formats. For more information, please refer to this page. The developers recently released version 4.6.3 with the following changes:

Version 4.6.3

  • C/C++ Code:
    • Hashdb bug fixes for corrupt indexes and 0 hashes
    • New code for testing power of number in ExtX code
  • Java Code:
    • New class that allows generic database access
    • New methods that check for duplicate artifacts
    • Added caches for frequently used content
  • Database Scheme:
    • Added Examiner table
    • Tags are now associated with Examiners
    • Changed parent_path for logical files to be consistent with FS files.

Version 4.6.2

  • C/C++ Code:
    • Various compiler warning fixes
    • Added small delay into image writer to not starve other threads
  • Java:
    • Added more locking to ensure that handles were not closed while other threads were using them.
    • Added APIs to support more queries by data source
    • Added memory-based caching when detecting if an object has children or not.

Version 4.6.1

  • C/C++ Code:
    • Lots of bounds checking fixes from Google’s fuzzing tests. Thanks Google.
    • Cleanup and fixes from uckelman-sf and others
    • PostgreSQL, libvhdi, & libvmdk are supported for Linux / OS X
    • Fixed display of NTFS GUID in istat – report from Eric Zimmerman.
    • NTFS istat shows details about all FILE_NAME attributes, not just the first. Report from Eric Zimmerman.
  • Java:
    • Reports can be URLs
    • Reports are Content
    • Added APIs for graph view of communications
    • JNI library is extracted to name with user name in it to avoid conflicts
  • Database:
    • Version upgraded from to 8.0 because Reports are now Content

Version 4.6.0

  • New Communications related Java classes and database tables.
  • Java build updates for Autopsy Linux build
  • Blackboard artifacts are now Content objects in Java and part of tsk_objects table in database.
  • Increased cache size.
  • Lots of bounds checking fixes from Google’s fuzzing tests. Thanks Google.
  • HFS fix from uckelman-sf.

Version number: 4.6.3
Release status: Final
Operating systems: Windows 7, Linux, BSD, macOS, Solaris, UNIX, Windows Server 2008, Windows Server 2012, Windows 8, Windows 10, Windows Server 2016
Website: The Sleuth Kit
License type: Conditions (GNU/BSD/etc.)