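PTK Beta Released
The first beta of PTK, which is being developed as a GUI for Sleuthkit to replace Autopsy, has been released. In the time since I last looked, it has gained quite a rich set of features. Apparently it even has memory dump analysis. Let's try it out right away.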
PTK main features
- Preliminary indexing phase
- Efficient File analysis
- Dynamic Timeline
- File Categorization
- Gallery view
- Indexed keyword search
- Personal bookmark section
- Cases features shared between multiple investigators
Other features
- Improved Usability, Ajax Based
- Dynamic web application with a centralized database. Now more investigators will be able to better work on the same case simultaneously.
- Memory Dump Analysis
- Extendible with other tools
- Log of all operations
- Many browsers are supported.
- PTK is a forensic analysis interface; it is not strictly devoted to incident response
- Its scope is helping small groups of investigators to reach the goal with reduced budget
- Can be further enhanced with the concurrent engineering and development participation