Authors :
Annalaxmi Valluvar; Spoorti Shetty; Subhashree Pandian; Suvarna Chaure
Volume/Issue :
Volume 8 - 2023, Issue 9 - September
Google Scholar :
https://bit.ly/3TmGbDi
Scribd :
https://tinyurl.com/3w3sw42y
DOI :
https://doi.org/10.5281/zenodo.8363276
Abstract :
Computer forensics is a crucial field that
involves the collection, preservation, and analysis of
digital evidence. Forensic tools play a vital role in this
process, aiding investigators in extracting, analyzing, and
interpreting data from diverse digital devices. With the
increasing complexity of digital devices and the surge in
digital data, selecting the appropriate forensic tool has
become paramount. This study evaluates and contrasts
different free forensic tools with an emphasis on network
examination, data analysis, and password cracking. The
evaluation considers variables such platform support, file
system support, imaging capabilities, data-driven
features, reporting capabilities, hash type support, attack
types, resource utilization, and pattern matching
capabilities. The results of this comparison research are
an informative resource for forensic professionals seeking
to choose the best tool for their specific requirements.
Notably, the data analysis capabilities of Autopsy, FTK
Imager, and ProDiscover Basic displayed unique
strengths and limitations for data analysis. Due to its
robust hash type support and effective administration of
resources, John the Ripper and Hashcat emerged as
reasonable options for password cracking. The study
also recommends Wireshark for network analysis
because of its intuitive user interface, substantial packet
analysis tools, and flexible multi-platform compatibility
with other protocols. Nevertheless, is acknowledged that
the ultimate choice on a forensic tool should be tailored to
the distinct requirements and constraints of each
investigatory project.
Keywords :
Computer Forensics, Digital Evidence, Forensic Tools, Network Analysis, Data Analysis, Password Cracking, Platform Support, File System Support, Imaging Capabilities, Reporting Capabilities, Hash Type Support.
Computer forensics is a crucial field that
involves the collection, preservation, and analysis of
digital evidence. Forensic tools play a vital role in this
process, aiding investigators in extracting, analyzing, and
interpreting data from diverse digital devices. With the
increasing complexity of digital devices and the surge in
digital data, selecting the appropriate forensic tool has
become paramount. This study evaluates and contrasts
different free forensic tools with an emphasis on network
examination, data analysis, and password cracking. The
evaluation considers variables such platform support, file
system support, imaging capabilities, data-driven
features, reporting capabilities, hash type support, attack
types, resource utilization, and pattern matching
capabilities. The results of this comparison research are
an informative resource for forensic professionals seeking
to choose the best tool for their specific requirements.
Notably, the data analysis capabilities of Autopsy, FTK
Imager, and ProDiscover Basic displayed unique
strengths and limitations for data analysis. Due to its
robust hash type support and effective administration of
resources, John the Ripper and Hashcat emerged as
reasonable options for password cracking. The study
also recommends Wireshark for network analysis
because of its intuitive user interface, substantial packet
analysis tools, and flexible multi-platform compatibility
with other protocols. Nevertheless, is acknowledged that
the ultimate choice on a forensic tool should be tailored to
the distinct requirements and constraints of each
investigatory project.
Keywords :
Computer Forensics, Digital Evidence, Forensic Tools, Network Analysis, Data Analysis, Password Cracking, Platform Support, File System Support, Imaging Capabilities, Reporting Capabilities, Hash Type Support.