SIFT – SANS Investigative Forensic Toolkit

|

SANS Investigative Forensic Toolkit (SIFT) is an Ubuntu based Live CD which includes all the tools you need to conduct an in-depth forensic or incident response investigation. More information at http://digital-forensics.sans.org/community/downloads. This toolkit can also be downloaded as a VMWare VM. The collection of tools include multiple open source tools for memory imaging, disk analysis and memory analysis.