Foremost
Foremost is a Linux based program data for recovering deleted files . The program uses a configuration
file to specify headers and footers to search for. Intended to be run on disk images,
foremost can search through most any kind of data without worrying about the
format.
DCFLDD
Dcfldd is a tool designed to acquire images. Dcfldd was designed to be
an open sources computer forensic tool that would improve some of the
shortcomings of the dd application. When the hashwindows=0 option is specified,
the dcfldd will calculate the md5sum while the data is being copied, this
options eliminate the extra step of having to use md5sum afterward to calculate
the md5sum of the bitstream copy. This can save a lot of time as hashing the
drive with md5sum can take a while. Another feature of the dcfldd command is
the status bar, this is an important feature as it indicates how long the
process it’s going to take.
To know more about these tools with screenshots ,
No comments:
Post a Comment