The Coroner's Toolkit

Last updated
The Coroner's Toolkit
Original author(s) Dan Farmer and Wietse Venema
Stable release
1.19 / August 29, 2009
Operating system Unix-like
Type Computer forensics
License IBM Public License
Website www.porcupine.org/forensics/tct.html

The Coroner's Toolkit (or TCT) is a suite of free computer security programs by Dan Farmer and Wietse Venema for digital forensic analysis. The suite runs under several Unix-related operating systems: FreeBSD, OpenBSD, BSD/OS, SunOS/Solaris, Linux, and HP-UX. TCT is released under the terms of the IBM Public License.

Parts of TCT can be used to aid analysis of and data recovery from computer disasters.

TCT was superseded by The Sleuth Kit. [1] Although TSK is only partially based on TCT, the authors of TCT have accepted it as official successor to TCT. [1]

Related Research Articles

In computing, a desktop environment (DE) is an implementation of the desktop metaphor made of a bundle of programs running on top of a computer operating system that share a common graphical user interface (GUI), sometimes described as a graphical shell. The desktop environment was seen mostly on personal computers until the rise of mobile computing. Desktop GUIs help the user to easily access and edit files, while they usually do not provide access to all of the features found in the underlying operating system. Instead, the traditional command-line interface (CLI) is still used when full control over the operating system is required.

In computing, cross-platform software is computer software that is designed to work in several computing platforms. Some cross-platform software requires a separate build for each platform, but some can be directly run on any platform without special preparation, being written in an interpreted language or compiled to portable bytecode for which the interpreters or run-time packages are common or standard components of all supported platforms.

A computing platform or digital platform is an environment in which a piece of software is executed. It may be the hardware or the operating system (OS), even a web browser and associated application programming interfaces, or other underlying software, as long as the program code is executed with it. Computing platforms have different abstraction levels, including a computer architecture, an OS, or runtime libraries. A computing platform is the stage on which computer programs can run.

TCT may refer to:

Netatalk is a free, open-source implementation of the Apple Filing Protocol. It allows Unix-like operating systems to serve as file server for Macintosh computers. Historically Netatalk implemented the AppleTalk protocol suite, allowing Unix-like operating systems to serve also as print and time servers for Apple Macintosh computers.

DTrace Dynamic tracing framework

DTrace is a comprehensive dynamic tracing framework originally created by Sun Microsystems for troubleshooting kernel and application problems on production systems in real time. Originally developed for Solaris, it has since been released under the free Common Development and Distribution License (CDDL) in OpenSolaris and its descendant illumos, and has been ported to several other Unix-like systems.

TrueOS Unix-like, desktop-oriented operating system

TrueOS is a discontinued Unix-like, server-oriented operating system built upon the most recent releases of FreeBSD-CURRENT.

GCompris

GCompris is a software suite comprising educational entertainment software for children aged 2 to 10. GCompris was originally written in C and Python using the GTK+ widget toolkit, but a rewrite in C++ and QML using the Qt widget toolkit has been undertaken since early 2014. GCompris is free and open-source software and the current version is subject to the requirements of the AGPL-3.0-only license. It has been part of the GNU project.

gEDA

The term gEDA refers to two things:

  1. A set of software applications used for electronic design released under the GPL. As such, gEDA is an ECAD or EDA application suite. gEDA is mostly oriented towards printed circuit board design. The gEDA applications are often referred to collectively as "the gEDA Suite".
  2. The collaboration of free software/open-source developers who work to develop and maintain the gEDA toolkit. The developers communicate via gEDA mailing lists, and have participated in the annual "Google Summer of Code" event as a single project. This collaboration is often referred to as "the gEDA Project".
Aircrack-ng

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux, FreeBSD, macOS, OpenBSD, and Windows; the Linux version is packaged for OpenWrt and has also been ported to the Android, Zaurus PDA and Maemo platforms; and a proof of concept port has been made to the iPhone.

The Sleuth Kit

The Sleuth Kit (TSK) is a library and collection of Unix- and Windows-based utilities for extracting data from disk drives and other storage so as to facilitate the forensic analysis of computer systems. It forms the foundation for Autopsy, a better known tool that is essentially a graphical user interface to the command line utilities bundled with The Sleuth Kit.

The Snack Sound Toolkit is a cross-platform library written by Kåre Sjölander of the Swedish Royal Technical University (KTH) with bindings for the scripting languages Tcl, Python, and Ruby. It provides audio I/O, audio analysis and processing functions, such as spectral analysis, pitch tracking, and filtering, and related graphics functions such as display of the sound pressure waveform and spectrogram. It is available on Microsoft Windows, Linux, Mac OS X, Solaris, HP-UX, FreeBSD, NetBSD, and IRIX.

fpGUI

fpGUI, the Free Pascal GUI toolkit, is a cross-platform graphical user interface toolkit developed by Graeme Geldenhuys. fpGUI is open source and free software, licensed under a Modified LGPL license. The toolkit has been implemented using the Free Pascal compiler, meaning it is written in the Object Pascal language.

Enthought, Inc. is a software company based in Austin, Texas, United States that develops scientific and analytic computing solutions using primarily the Python programming language. It is best known for the early development and maintenance of the SciPy library of mathematics, science, and engineering algorithms and for its Python for scientific computing distribution Enthought Canopy.

Unix-like Operating system that behaves in a manner similar to a Unix system

A Unix-like operating system is one that behaves in a manner similar to a Unix system, while not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-like application is one that behaves like the corresponding Unix command or shell. There is no standard for defining the term, and some difference of opinion is possible as to the degree to which a given operating system or application is "Unix-like".

References

  1. 1 2 "The Coroner's Toolkit (TCT)".