Open Source Digital Forensics


The rise in technology-related crime, from criminal cases, civil disputes and employee misconduct to acts of terrorism, has generated an urgent need for a new set of skills.
Digital forensics is a field of great interest for users, developers, CxOs, law enforcement agencies, prosecutors, judges and lawyers.
Whether for internal incident response in our companies or for law enforcement investigations, it is very important to know the technical and legal foundations of digital forensics.
Very often the digital forensics we see in companies or in courtrooms is of the “black box” type: hardware or software tools from renowned vendors are used without awareness of how they work.
This subverts the principle of scientific investigation, where every instrument and every step performed must be well understood, fully managed and controlled by the researcher and their peers.
The talk will present some of the main Linux live distributions for digital forensics, based almost entirely on free software, as well as practical examples of acquiring digital storage media with the Guymager software.
The landscape of open source / free software forensic investigation tools (Autopsy, Linux Leo, PhotoRec, etc.) will also be presented.