HOME

TheInfoList



Click Here for Items Related To - Forensic Toolkit
OR:
Forensic Toolkit on:   [Wikipedia]   [Google]   [Amazon]

Forensic Toolkit, or FTK, is
computer forensics Computer forensics (also known as computer forensic science) is a branch of digital forensics, digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital me ...
software originally developed by AccessData, and now owned and actively developed by Exterro. It scans a hard drive looking for various information. It can, for example, potentially locate deleted emails and scan a disk for text strings to use them as a password dictionary to crack encryption. FTK is also associated with a standalone
disk imaging A disk image is a snapshot of a storage device's content typically stored in a file on another storage device. Traditionally, a disk image was relatively large because it was a bit-by-bit copy of every storage location of a device (i.e. every ...
program called FTK Imager. This tool saves an image of a hard disk in one file or in segments that may be later on reconstructed. It calculates
MD5 The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4, and was specified in 1992 as Request for Comments, RFC 1321. MD5 ...
and
SHA1 In cryptography, SHA-1 (Secure Hash Algorithm 1) is a hash function which takes an input and produces a 160- bit (20-byte) hash value known as a message digest – typically rendered as 40 hexadecimal digits. It was designed by the United State ...
hash values A hash function is any function that can be used to map data of arbitrary size to fixed-size values, though there are some hash functions that support variable-length output. The values returned by a hash function are called ''hash values'', ...
and can verify the integrity of the data imaged is consistent with the created forensic image. The forensic image can be saved in several formats, including DD/raw, E01, and AD1.


References


External links

AccessData Forensic Toolkit (PDF)
Computer forensics Digital forensics software {{storage-software-stub AccessData