This project forked from seabreg/tct
TCT is a collection of tools - some large, some small, some in perl, some in C - that are all either oriented towards gathering or analyzing forensic data on a Unix system
License: Other
NOTE: If you've just been broken into and are desperate for help,
read the "help-when-broken-into" file. If you've deleted
a file and want to recover it, read "help-recovering-file".
The Coroner's Toolkit (TCT) - a Brief Introduction
TCT is a collection of tools - some large, some small, some in perl,
some in C - that are all either oriented towards gathering or analyzing
forensic data on a Unix system. There is no single task or ultimate
goal that they are directed to, but if there was a theme it'd be an
effort towards the reconstruction of the past - determining as much
as possible what happened with a static snapshot of a system. Most of
the tools are oriented towards data collection rather than analysis -
a good use of the toolkit could be for a relative neophyte in Unix
forensic security to send the data to someone who does know something and
can further analyze the output. (Do NOT send it to us, however! ;-))
Note that by default we don't gather *ALL* data - unallocated blocks of
disks (let alone the entire contents of your media!) and raw memory are
not touched by default... where would you put the results, for starters?
So, as a general overview:
A quick start for the impatient may be found in the "quickstart" file.
The most current version of TCT may be found at both:
http://www.fish.com/forensics/
http://www.porcupine.org/forensics/
To install TCT read the "INSTALL" file.
A list of the contents of TCT may be found in the "MANIFEST" file.
A copyright notice is in the "COPYRIGHT" file; additional copyrights
might be included in individual source code files (especially look at
the C source code files, which are mostly covered by IBM's open source
license, in the file "LICENSE".)
A general overview of the toolkit may be found in the "README" file
in the "docs" subdirectory. More about TCT's design methodology and
philosophy can be found in the "design-notes" file in the same directory.
We hope that you enjoy this and find our work useful to you!
Dan Farmer & Wietse Venema
August 1st, 2000
p.s. There's a mailing list (with on-line archive) for sharing
experiences. To subscribe, send a message to [email protected]
with body (not subject): subscribe tct-users. The list will reject mail
from non-members so it is unlikely to catch UCE. To unsubscribe, send
mail with as body (not subject): unsubscribe tct-users.
p.p.s. Some unpolished, unfinished, and perhaps not very useful tools
and notes are in the "extras" subdirectory; feel free to check them out,
but caveat emptor.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.