Kali Linux tools
Aug 16, 2021
This week I will share 3 tools that can be used for forensics.
- Autopsy is a GUI for analyzing computer artifacts and the data that is stored within them. It was designed to be similar in features, capabilities, and operation to other popular forensic tools like Guidance Software’s EnCase or AccessData’s FTK Imager. It can also perform various tasks such as viewing and extracting files from partitions and performing keyword searches on extracted files using its built-in text parser.
  - Timeline analysis: you can analyze the timeline of events from a graphical environment that makes it much easier to piece events together.
  - Hash filtering: lets you exclude known good files and flag known bad ones when looking for evidence.
  - Keyword search: searches indexed files for mentions of relevant terms.
  - Web artifacts: lets you extract browser history, bookmarks, and cookies from widely used internet browsers such as Firefox, Chrome, and IE.
- Guymager is a tool that allows you to extract data via a GUI or the command-line interface. One of the most important features is that it has a built-in hex editor which can edit headers, such as partition tables and bootloaders. Guymager also supports raw image files. It is possible to convert different types of formats like JPEG and GIF into RAW format before running them through Guymager. It features a simple GUI with multilingual support. It ships with Kali Linux and is ready to use upon booting your system. It is multi-threaded, which makes it very fast, and it has a design that takes advantage of…
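The hash filtering described for Autopsy above can be illustrated with a short Python example. This is an added example, not Autopsy's code and not part of the original post; the function names, the choice of SHA-256, and the sample files are assumptions constructed for the illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large evidence files are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def triage(root, known_good, known_bad):
    """Sort every file under root into 'flagged', 'ignored' or 'review' by hash."""
    result = {"flagged": [], "ignored": [], "review": []}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        h = sha256_file(path)
        # Known-bad wins if a hash appears in both sets.
        if h in known_bad:
            bucket = "flagged"
        elif h in known_good:
            bucket = "ignored"
        else:
            bucket = "review"
        result[bucket].append(path.relative_to(root).as_posix())
    return result


def demo():
    """Build a small constructed evidence tree and triage it."""
    samples = {  # constructed file contents, not real evidence
        "system/notepad.bin": b"constructed known-good binary",
        "users/alice/tool.bin": b"constructed known-bad binary",
        "users/alice/notes.txt": b"constructed unknown document",
    }
    known_good = {hashlib.sha256(samples["system/notepad.bin"]).hexdigest()}
    known_bad = {hashlib.sha256(samples["users/alice/tool.bin"]).hexdigest()}
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in samples.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return triage(tmp, known_good, known_bad)


if __name__ == "__main__":
    print(demo())
```

Files whose hash is in neither set land in `review`, which is the reduced pile an examiner actually has to look at.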