venus/CyberSecurityClub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
565bb1efc2c4941f25d42a0c028ea3c173a0cc21
CyberSecurityClub/Skills/File Analysis
History
stephensottosanti 565bb1efc2 commit
2021-03-07 22:24:40 -06:00
..
README.md
commit
2021-03-07 22:24:40 -06:00

README.md

File Analysis

File analysis and understanding is one aspect of the larger field of Digital Forensics. Digital Forensics encompasses the investigation of data found on digital devices and involves preserving, identifying, extracting, documenting and interpreting this data.

One of the more common activities in digital forensics is the recovery of deleted files. Though a user may have “deleted” or “moved a file to the trash bin” those files are not always deleted. A very nice set of intuitive tools for use in digital forensics is The Sleuth Kit tool set (http://www.sleuthkit.org/index.php).

Below is a screenshot of the output of the Sleuth Kit file listing tool (fls) which shows two files that have been “deleted” by the user but are still recoverable. The ability to recover and save what was previously thought to be deleted files can be very valuable in an investigation.

File Analysis