Wednesday, August 8, 2012

Note: sleuthkit Debian package

It contains istat and blkcat and friends.

Tools for forensics analysis (per Wikipedia):

The Sleuth Kit (TSK) is a library and collection of Unix- and Windows-based utilities for extracting data from disk drives and other storage so as to facilitate the forensic analysis of computer systems. It forms the foundation for Autopsy, a better known tool that is essentially a graphical user interface to the command line utilities bundled with The Sleuth Kit.