This is so significant, that I’m not going to elaborate on it. If you’re an IT Security professional, you probably already know about it. If you don’t, then check it out here: SANS Investigative Forensic Toolkit (SIFT) Workstation: Version 2.0.
Faculty Fellow Rob Lee created the SANS Investigative Forensic Toolkit(SIFT) Workstation featured in the Computer Forensic Investigations and Incident Response course (FOR 508) in order to show that advanced investigations and investigating hackers can be accomplished using freely available open-source tools.
The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.
You know what an Open Source advocate I am and this just proves the value of that even more.