FileTSAR, a Free Forensic Toolkit that combines various open source forensic investigation tools used by law enforcement agencies.
The all-in-one free forensic toolkit was developed by Purdue Polytechnic researchers to help detectives in the reconstruction of digital evidence from multiple data types.
It captured the data flows and a mechanism to reconstruct multiple data types that includes documents, images, email and VoIP sessions.
The current network forensic investigative tools have limited capabilities and they cannot communicate with each other, said Kathryn Seigfried-Spellar.
“FileTSAR, a free forensic toolkit has everything required for criminal investigators to complete their work without having to rely on different network forensic tools.”
This tool aids forensic investigators to overcome their burdens, the project was funded by many agencies including the US Department of Justice.
The intended function of the tools is to capture the data flows, analyze and reconstruct documents, images, email, and VoIP conversations.
“To validate the large-scale capabilities of the toolkit, we conducted a “stress test” of the system using approximately 123,500,000 packets from a collection of packet capture files totaling nearly 100GB.”
FileTSAR a free forensic toolkit also employs hashing for each file it carves to maintain the forensic integrity of probative data.
“We aimed to create a tool that addressed the challenges faced by digital forensic examiners when investigating cases involving large-scale computer networks,” Seigfried-Spellar said.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
Related Tools
SilkETW – New Free Threat Intelligence Tool to Capture and Analyze Windows Events Logs
Tracking Photo’s Geo-location with GPS EXIF DATA – Forensic Analysis
