Results 1 to 2 of 2

Thread: SANS Investigate Forensic Toolkit (SIFT) Workstation Version 2.1 Share/Save - My123World.Com!

  1. #1

    SANS Investigate Forensic Toolkit (SIFT) Workstation Version 2.1

    An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. The free SIFT toolkit, that can match any modern forensic tool suite, is also featured in SANS' Advanced Computer Forensic Analysis and Incident Response course (FOR 508). It demonstrates that advanced investigations and responding to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.

    The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.

    New in SIFT 2.1
    iPhone, Blackeberry, and Android Forensic Capabilities
    Registry Viewer (YARU)
    Compatibility with F-Response Tactical, Standard, and Enterprise
    PTK 2.0 (Special Release - Not Available for Download)
    Automated Timeline Generation via log2timeline
    Many Firefox Investigative Plugins
    Windows Journal Parser and Shellbags Parser (jp and sbag)
    Many Windows Analysis Utilities (prefetch, usbstor, event log, and more)
    Complete Overhaul of Regripper Plugins (added over 80 additional plugins

    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  2. #2
    Super Commando Dhruv abhaythehero's Avatar
    Join Date
    Sep 2010
    Blog Entries
    Just an alert to those interested in computer forensics, a great video tutorial series is being put up on SecurityTube by 5Hark5Ter using the SIFT workstation. So don't miss those if you are a beginner in Computer Forensics !
    In the world of 0s and 1s, are you a zero or The One !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts