CAINE - 11 - FTKImager - data acquisition tool for imaging, live capture, and memory capture

Published: 03 October 2021
Channel: BlueMonkey 4n6
Views: 5,793
Likes: 109



Difficulty Level: Beginner
Prerequisites: basic understanding of Windows and of the forensic imaging process for hard drives and other digital media.

FTKImager is a tool that helps you acquire forensic data from computer media. It lets you create forensic images, perform logical acquisition of files and folders, obtain protected files, generate directory listings, capture memory, preview files and folders, preview the contents of captured forensic images, mount an image for read-only viewing, export files and folders from forensic images, see and recover deleted files, hash files with MD5 and SHA1, and capture and view APFS images from Mac computers.


Video timeline
00:00 intro
FTK Imager run from Forensic workstation
02:14 imaging and directory listing generation
09:04 Image verification
10:30 Image mounting
12:33 Drive Survey
FTK Imager run from Target machine
13:35 memory capture
16:00 Obtaining protected files
17:32 Custom content images
21:12 recap



To download FTKImager: https://www.accessdata.com/product-do...


⭕️ For other videos in the CAINE forensics series: CAINE forensics tutorials

Linux distro:
This video was created using CAINE 11.0

Virtualization software:
VirtualBox (http://virtualbox.org)


Icons made by freepik from @flaticon http://www.flaticon.com/authors/freepik

Icons made by Smashicons from http://www.flaticon.com/authors/smash...

🔨 Gear mentioned in this video:

FTK Imager
https://accessdata.com/product-downlo...

WiebeTech USB 3.1 WriteBlocker: https://amzn.to/3yiZS3t
https://amzn.to/3ygTOIJ
https://wiebetech.com/products/usb-3-...

Tableau Forensic USB 3.0 Bridge: https://amzn.to/37h93FG
https://security.opentext.com/tableau...




DISCLAIMER: Links in this video description might be affiliate links. If you purchase a product or service using one of these links, I may receive a small commission at no additional cost to you. Thank you!

This course was designed to provide information on how to use the tools on the CAINE forensics distro to accomplish the basic steps of digital forensics: preservation of evidence (write blocking), extraction of data (imaging), analysis, and reporting. The course covers the tools that allow users to acquire data (logical and physical), forensically analyze data, hash datasets, and perform malware analysis, memory forensics, mobile forensics, network forensics, open source intelligence (OSINT), and timeline analysis.


#DFIR #WindowsForensics #FTKImager

