Essential Tools

A Windows system or VM, with the following tools installed:
- Arsenal Image Mounter; https://arsenalrecon.com/downloads
- Autopsy; https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.21.0/autopsy-4.21.0-64bit.msi
A Linux system or VM.
- The easiest option here is to use the SANS SIFT Workstation, as this has all tools installed already - https://www.sans.org/tools/sift-workstation/. This is the VM I will be using in the workshop
- You can import this OVA file into VirtualBox to create a VM using the instructions here: https://docs.oracle.com/en/virtualization/virtualbox/6.0/user/ovf.html

Alternatively, if you'd rather use your own Linux system or VM, install the following tools:

EWF Tools: (Ubuntu Package: https://packages.ubuntu.com/search?keywords=ewf-tools)
- sudo apt-get install ewf-tools
Sleuthkit: https://www.sleuthkit.org/sleuthkit/download.php
- sudo apt-get install sleuthkit
Autopsy: https://www.autopsy.com/download
- sudo snap install autopsy

Last updated 1 year ago