Superponiblog

security, forensics, photography …

Browsing Posts tagged forensics

I recently took SANS FOR508 with Rob Lee in Las Vegas. It was a great class and I highly recommend it to everyone interested in Digital Forensics. I’m new to forensics and learned so much from the class. One of the topics covered is using the srch_strings command from the Sleuth Kit on a filesystem [...]

I wrote a tool called srch_strings_wrap (available at GitHub – https://github.com/superponible/Search-Strings-Extension) that extends the functionality of the srch_strings command in the Sleuth Kit. The idea came from repeatedly having to determine the block that corresponded to the results of srch_strings during FOR508. I contacted Rob Lee about what I had written and he put me [...]