Security Corner

Mar 31 2010   7:20PM GMT

Forensics: SANS Investigative Forensic Toolkit (SIFT) Workstation



Posted by: Ken Harthun
Tags:
cyber security
Forensics
SANS
Security
Security tools
Software for Secure Computing

This is so significant, that I’m not going to elaborate on it. If you’re an IT Security professional, you probably already know about it. If you don’t, then check it out here: SANS Investigative Forensic Toolkit (SIFT) Workstation: Version 2.0.

Faculty Fellow Rob Lee created the SANS Investigative Forensic Toolkit(SIFT) Workstation featured in the Computer Forensic Investigations and Incident Response course (FOR 508) in order to show that advanced investigations and investigating hackers can be accomplished using freely available open-source tools.

The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.

You know what an Open Source advocate I am and this just proves the value of that even more.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Benjaminwright215
    On the SANS Institute's forensics blog, I have published new methods for preserving and authenticating evidence in a cyber investigation. http://goo.gl/ramnu What is your opinion? --Ben
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: