PTK DFLabs
Follow DFLabs on twitter Follow DFLabs on YouTube

border_sx   Italian  Russian border_dx

PTK section:

New Articles rss

  • 2010-07-21 - Robust Process Scanner in PTK Forensics: done!

  • 2010-06-01 - Meet the PTK team at The Sleuth Kit and Open Source Digital Forensics Conference

  • 2010-05-14 - SANS Investigative Forensic Toolkit e PTK Forensics: made simple!

  • 2010-04-26 - DFLabs PTK Forensics new version is available Thru SANS Institute's SIFT Virtual Machine

  • 2010-04-24 - New PTK and IncMan suite Video Available for your demo purposes.

  • 2010-02-20 - New DFLabs YoutTube Channel.

  • 2010-02-04 - PTK Forensics: New Webinar session.

  • 2010-02-01 - PTK Forensics, the new website is online.

  • 2009-11-14 17:31:11 - New PTK roadmap

  • 2009-09-30 14:10:01 - DFLabs is proud to announce that the data carving is available

Validator:

Valid XHTML 1.0 Transitional
CSS Valido!

Product overview

 

PTK forensics is a computer forensic framework for the command line tools in the SleuthKit plus much more software modules. This makes it usable and easy to investigate a system. PTK forensics is an alternative advanced framework for the TSK suite (The SleuthKit). Born as a free interface in order to improve the features already present in ‘Autopsy Forensic Browser’ (the former TSK interface). PTK Forensic, now, is much more. In addition to providing the functions already present in Autopsy Forensic Browser it now implements numerous new essential forensic features. PTK forensics is more than just a new graphic and highly professional interface based on Ajax and other advanced technologies; it offers numerous features such as analysis, search and management of complex digital investigation cases. Here you have a general graphic description of our framework.

 

schema logico


The core component of the software is an efficient Indexing Engine performing different preliminary analysis operations during the import phase of each piece of evidence. PTK allows simultaneous management of different cases and multi-user profiling. Investigators can work on the same case at the same time. All reports and bookmarks generated by an investigator are saved in a reserved section of the Database. PTK forensics is a complex web application based on very innovative technologies and builds an appealing, highly dynamic and very easy to use interface. Its developers used the PHP language and a back-end MySQL database implementing thus the LAMP structure (Linux-Apache-MySql-PHP).

 

MAIN FEATURES:

 

-Indexing

-Efficient File Analysis

-Dynamic Timeline

-File Categorization

-Image Gallery

-Indexing Keyword Search

-Personal Bookmark Section

-Case features shared by: Multiple investigators and case lock


Other features:

 

-Easier to use, PTK is based on Ajax.

-PTK is a dynamic web application with centralised -Database. More investigatots can work on the same case at te same time.

-Possibility to analyze the Memory Dump.

-Can be extended through other opensource tools.

-A log of all operations performed by the investigators is kept.

-Preliminary tests haven't evinced problems.

-Many browsers are supported.

-PTK is a forensic analysis interface; in fact, PTK does not address incident response issues.

-Its main aim is to help small groups of investigators execute complex consultancy quickly and efficiently.

PTK Forensic is available both as a Free Basic and Full Version. You might see the differences between those two versions here.