The Sleuth Kit (TSK) is an open-source collection of command-line digital forensics tools, pre-installed on Kali Linux at /usr/bin/, designed for analyzing disk images and file systems to recover evidence in cyber investigations. Developed by Brian Carrier, TSK supports file systems like NTFS, FAT, EXT2/3/4, UFS, and HFS+, enabling forensic analysts, incident responders, and ethical hackers to examine deleted files, partition structures, and timelines. Often paired with Autopsy’s GUI, TSK’s modular utilities provide granular control for advanced forensic tasks.
Sleuth Kit Reviews & Ratings: See What Users and Experts Are Saying
Sleuth Kit Alternatives 2025: Comparing Top Kali Linux Tools Platforms
Share Sleuth Kit
Disclaimer: The content on this website is written and reviewed by experts in the fields of Artificial Intelligence and Software. Additionally, we may incorporate public opinions sourced from various social media platforms to ensure a comprehensive perspective.
Please note that the screen shots and images featured on this website are sourced from Sleuth Kit website. We extend our gratitude and give full credit to Sleuth Kit for their valuable contributions.
This page may include external affiliate links, which could earn us a commission if you decide to make a purchase through those links. However, the opinions expressed on this page are our own, and we do not accept payment for favorable reviews.