In this discussion, talk about digital forensics examining cases.
What tools and software can you use?
What evidence might you find in computers or other crime scenes?
Add any useful insight that you might have.
Hey,
Note: Brother, in case of any queries, just comment in the box; I would be very happy to assist with all your queries.
01 SANS SIFT
The SANS Investigative Forensic Toolkit (SIFT) is an Ubuntu-based Live CD which includes all the tools you need to conduct an in-depth forensic or incident response investigation.
02 CrowdStrike CrowdResponse
CrowdResponse is a lightweight console application that can be used as part of an incident response scenario to gather contextual information such as a process list, scheduled tasks, or Shim Cache.
03 Volatility
Volatility is a memory forensics framework for incident response and malware analysis that allows you to extract digital artefacts from volatile memory (RAM) dumps.
05 FTK Imager
FTK Imager is a data preview and imaging tool that allows you to examine files and folders on local hard drives, network drives, CDs/DVDs, and review the content of forensic images or memory dumps. Using FTK Imager you can also create SHA1 or MD5 hashes of files, export files and folders from forensic images to disk, review and recover files that were deleted from the Recycle Bin (providing that their data blocks haven’t been overwritten), and mount a forensic image to view its contents in Windows Explorer.
Forensic experts can be called upon to support major cases involving data breaches, intrusions, or any other type of incidents. By applying techniques and proprietary software forensic applications to examine system devices or platforms, they might be able to provide key discoveries to pin who was/were responsible for an investigated crime.
Kindly revert for any queries.
Thanks.
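The answer mentions that FTK Imager can create SHA1 or MD5 hashes of files; examiners record such hashes at acquisition so that a later re-hash shows whether the evidence copy has changed. The sketch below is an added example, not part of the original answer and not FTK Imager's own code: it hashes a file in one streaming pass and compares the result with recorded values. The function names and the sample file are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

CHUNK = 1024 * 1024  # read 1 MiB at a time so large images never sit in RAM


def hash_evidence(path):
    """Return {'md5': hex, 'sha1': hex} for the file, computed in one pass."""
    digests = {"md5": hashlib.md5(), "sha1": hashlib.sha1()}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            for d in digests.values():
                d.update(block)
    return {name: d.hexdigest() for name, d in digests.items()}


def verify_evidence(path, recorded):
    """Compare current hashes with those recorded at acquisition.
    Returns (ok, mismatches); an unknown algorithm name counts as a mismatch."""
    current = hash_evidence(path)
    mismatches = []
    for algo, expected in recorded.items():
        actual = current.get(algo.lower())
        if actual is None or not hmac.compare_digest(actual, expected.strip().lower()):
            mismatches.append(algo)
    return (bool(recorded) and not mismatches), mismatches


def demo():
    """Constructed sample: a small stand-in 'image', then a one-byte change."""
    with tempfile.NamedTemporaryFile(delete=False) as fh:
        fh.write(b"constructed sample evidence\n" * 1000)
        path = fh.name
    try:
        recorded = hash_evidence(path)   # stands in for acquisition-time values
        before = verify_evidence(path, recorded)
        with open(path, "r+b") as fh:    # simulate corruption of the working copy
            fh.write(b"X")
        after = verify_evidence(path, recorded)
        return before, after
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(demo())
```

Checking both algorithms in the same pass costs one read of the image, and a mismatch on either one means the copy should not be treated as identical to what was acquired.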