PTK is much more than a new Interface...
PTK is an alternative advanced interface for the suite TSK (The Sleuth Kit). PTK was developed from scratch and besides providing the functions already present in Autopsy Forensic Browser it implements numerous new features essential during forensic activity. PTK is not just a new graphic and highly professional interface based on Ajax technology but offers a great deal of features like analysis, search and management of complex cases of digital investigation.
PTK Schema
The core component of the software is made up of an efficient Indexing Engine performing different preliminary analysis operations during importing of every evidence. PTK allows the management of different cases and different levels of multi-users. It is possible to allow more than one investigators to work at the same case at the same time. All the reports generated by an investigator are saved in a reserved section of the Database. PTK is a Web Based application and builds its indexing archive inside a Database MySQL, using thus the construction LAMP (Linux-Apache-MySql-PHP).
PTK main features
- Preliminar indexing phase
- Efficient File analysis
- Dynamic Timeline
- File Categorization
- Gallery view
- Indexed keyword search
- Personal bookmark section
- Cases features shared between multiple investigators
Others features
- Improved Usability, Ajax Based
- Dynamic web application with a centralized database. Now more investigators will be able to better work on the same case simultaneously.
- Memory Dump Analysis
- Exdible with other tools
- Log of all operations
- Many browser are supported.
- PTK is a forensic analysis interface, it is not strictly devoted to incident response
- Its scope is helping small groups of investigators to reach the goal with reduced budget
- Can be furtherly enhanced with the concurrent engineering and development participation