deb_control_files:
- control
- md5sums
deb_fields:
Architecture: amd64
Conflicts: tct
Depends: file, libdate-manip-perl, perl:any, libafflib0t64 (>= 3.7.6), libc6 (>=
2.38), libewf2 (>= 20130416), libgcc-s1 (>= 4.2), libstdc++6 (>= 13.1), libtsk19t64
(>= 4.12.1+dfsg), libvhdi1 (>= 20150110), libvmdk1 (>= 20150516)
Description: |-
tools for forensics analysis on volume and filesystem data
The Sleuth Kit, also known as TSK, is a collection of UNIX-based command
line file and volume system forensic analysis tools. The filesystem tools
allow you to examine filesystems of a suspect computer in a non-intrusive
fashion. Because the tools do not rely on the operating system to process the
filesystems, deleted and hidden content is shown.
.
The volume system (media management) tools allow you to examine the layout of
disks and other media. You can also recover deleted files, get information
stored in slack spaces, examine filesystems journal, see partitions layout on
disks or images etc. But is very important clarify that the TSK acts over the
current filesystem only.
.
The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac
partitions, Sun slices (Volume Table of Contents), and GPT disks. With these
tools, you can identify where partitions are located and extract them so that
they can be analyzed with filesystem analysis tools.
.
Currently, TSK supports several filesystems, as NTFS, FAT, exFAT, HFS+, Ext3,
Ext4, UFS and YAFFS2.
.
This package contains the set of command line tools in The Sleuth Kit.
Homepage: http://www.sleuthkit.org/sleuthkit
Installed-Size: '1720'
Maintainer: Debian Security Tools <team+pkg-security@tracker.debian.org>
Package: sleuthkit
Priority: optional
Section: admin
Source: sleuthkit (4.12.1+dfsg-2)
Suggests: autopsy, mac-robber
Version: 4.12.1+dfsg-2+b1
srcpkg_name: sleuthkit
srcpkg_version: 4.12.1+dfsg-2