Upload File

file carving tools

7

Click here to load reader

Upload: marco-alamanni

Post on 22-Jan-2018

94 views

Category:

Software


0 download

Report

TRANSCRIPT

Page 1: File carving tools

Digital forensics with Kali Linux

Marco Alamanni

Video 4.2

File carving tools

Page 2: File carving tools

In this Video, we are going to take a look at…

• How to recover deleted files with The Sleuth Kit.

• How to recover deleted files using carving tools:Foremost , Scalpel and Photorec.

Page 3: File carving tools

File carving tools

● Three CLI carving tools included by default on Kali Linux:Foremost , Scalpel and Photorec.

● These tools extract files from raw disk sectors.

● Use a database of headers and footers for several file formats.

● Also work on disk images.

● Sample image from the Digital Forensics Tool Testing Images page:http://dftt.sourceforge.net/

Page 4: File carving tools

Foremost

● Foremost has been developed by Jesse Kornblum and Kris Kendall at the Air Force Office of Special Investigations and later updated by Nick Mikus of the Naval Postgraduate School.

● Default configuration file is /etc/foremost.conf.

● We edit it only to enable the recovery of formats not included in the default configuration.

Page 5: File carving tools

Scalpel

● Scalpel is a rewrite of Foremost and the latest version available on Kali Linux is the 1.60.

● The latest version is the 2.0 and the source is available at The Sleuth Kit github repository: https://github.com/sleuthkit/scalpel

● The configuration file is /etc/scalpel/scalpel.conf

● Unlike Foremost, we have to edit the configuration file uncommenting all the file formats we want to recover.

https://github.com/sleuthkit/scalpel
Page 6: File carving tools

Photorec

● PhotoRec has been developed by Christophe Grenier, the developer of TestDisk.

● Can recover many different file formats and has a text-based user interface like TestDisk.

● Photorec web page provides valuable information on how the program works and how to use it:http://www.cgsecurity.org/wiki/PhotoRec

Page 7: File carving tools

Next Video

Extracting data with Bulk Extractor


Kirschen Carving Tools - Axminster Tools & · PDF file547 20 Kirschen Carving Tools Axminster Carving Tools Order online axminster.co.uk/woodcarving Inc.vat 12mm(1/2”) £23.45 £19.54

The Evolution of File Carving

Forensic Multimedia File Carving - Divakth.diva-portal.org/smash/get/diva2:613183/FULLTEXT01.pdf · Forensic Multimedia File Carving ... File carving is an advanced forensic technique

Carving Tools New

HAVE YOUR COMPUTER FORENSICS TOOLS BEEN TESTED?index-of.co.uk/Forensic/CFTT Computer Forensics Tool Testing Han… · EnCase Version 6.18.0.59 Forensic File Carving Graphic Adroit

Forensic File Carving Tool Test Assertions and Test Plan

JPEG file carving with sequential probability testing

ceramic carving tool techniques - Chaparral Ceramics€¦ · Carving Surface carving is usually done best with a variety of tools—from knives and gouges to wire-ended modeling tools—when

ceramic carving tool techniques - claybucket.com · or leather-hard clay—the states where most slashing, scratching, carving, and cutting is done—are primar-ily tools with sharp

Carving Whimsical Cottonwood Bark Houses...Use tools that you feel comfortable carving with. I prefer to use palm tools when I can. The following is a list of tools that I use to carve

Selected Methods of File Carving and Analysis of Digital ...yadda.icm.edu.pl/baztech/element/bwmeta1.element... · KEYWORDS: computer forensics, data recovery, file carving, NTFS,

Wood Carving - Keraladsource.in/sites/default/files/resource/wood-carving-kerala/downloads/file/wood... · D’source Digital Learning nvironent or Design - dsourcein 4 The artisan

Tool-Cabinet Design - finewoodworking.com labeled pieces of ... patterns. I arranged the tools ... plies, moisture meter, carving tools and other little-used tools

Detecting Database File Tampering through Page Carving...Detecting Database File Tampering through Page Carving James Wagner, Alexander Rasin, Karen Heart, Tanu Malik, Jacob Furst

How to make leather armour, a pictorial guidemountain-moments.co.uk/web components/Leather Armour-preview.pdf · tool, leather carving knife plus carving matting and leather tools,

Carving Manual - FOREDOM · PDF fileUsing your Foredom ® Flex Shaft Foredom flexible shaft power tools are versatile shop tools for power carving, grinding, sanding, cleaning, polishing,

Carving Manual - FOREDOM - Foredom Electric Co. · PDF fileUsing your Foredom ® Flex Shaft Foredom flexible shaft power tools are versatile shop tools for power carving, grinding,

2020-01-28 -RECON LAB Manual - SUMURI · 22.1 File Carving 131 22.2 Data Carving 134 22.3 Carving Unallocated Space 135 23. Hash Sets 138 23.1 Creating Hash Sets 138 23.2 Importing

Making and Using a Carving Pantograph - … and Using a Carving Pantograph ... Ordinary shop tools (Fig. 17) make ideal ... professional-size Bench Craft pantograph from a

Pt.6 — Letter Carving - Fine Woodworking Tools & Hand · PDF filePt.6 — Letter Carving by Mike Davies Woodcarving By Photo.1: Lettering is a popular form of carving 36 Australian

Advanced file carving - SANS Computer Forensics

Kirschen Carving Tools - Axminster Tools & Machinery€¦ · 547 20 Kirschen Carving Tools Axminster Carving Tools Order online axminster.co.uk/woodcarving Inc.vat 12mm(1/2”) £23.45

Performance Analysis of File Carving Tools

Automating Video File Carving and Content Identification

Why do Consumers buy Carving Kits? · Why do Consumers buy Carving Kits? SOURCE: Nielsen, XAOC 52 week ending 11.24.17 70% - Tools make it easier to carve 52% - Carving process goes

Carving classic fruit & vegetable(K3) revised EN 2018 · K3 – Individual architectural fruit/vegetable carving ... • New or innovative tools should be used. • Degree of difficulty

Advanced file carving - SANS

Sandalwood Carving Sagara - D'Sourcedsource.in/.../downloads/file/sandalwood-carving-sagara.pdf · 2018. 6. 14. · Wood carving art is carried from their ancestors. ... carving methods

WAX CARVING BASICS: PART 1 - Kate Wolf Tools

Advances in File Carving

Chapter 15 IN-PLACE FILE CARVING · Chapter 15 IN-PLACE FILE CARVING Golden Richard III, Vassil Roussev and Lodovico Marziale Abstract File carving is the process of recovering files

File Carving Using Sequential Hypothesis Testing

Doodle Page Digital Download · 2021. 4. 11. · INVERTED LEATHER CARVING only $350 each Easier to do than regular carving, inverted leather carving requires fewer tools. Eliminates

Design Project Chip Carving DXF - · PDF fileChip Carving Sunburst Using a DXF Design CREATING A CHIP CARVING USING AN EXISTING DXF FILE IN THIS

Recensione Di Carving Tools Cinesi