PTK Forensics

PTK forensics is a computer forensic framework for the command line tools in the SleuthKit plus much more software modules. This makes it usable and easy to investigate a system. PTK forensics is an alternative advanced framework for the TSK suite (The SleuthKit). Born as a free interface in order to improve the features already present in ‘Autopsy Forensic Browser’ (the former TSK interface). PTK Forensic, now, is much more. In addition to providing the functions already present in Autopsy Forensic Browser it now implements numerous new essential forensic features. PTK forensics is more than just a new graphic and highly professional interface based on Ajax and other advanced technologies; it offers numerous features such as analysis, search and management of complex digital investigation cases. Here you have a general graphic description of our framework.

The core component of the software is an efficient Indexing Engine performing different preliminary analysis operations during the import phase of each piece of evidence. PTK allows simultaneous management of different cases and multi-user profiling. Investigators can work on the same case at the same time. All reports and bookmarks generated by an investigator are saved in a reserved section of the Database. PTK forensics is a complex web application based on very innovative technologies and builds an appealing, highly dynamic and very easy to use interface. Its developers used the PHP language and a back-end MySQL database implementing thus the LAMP structure (Linux-Apache-MySql-PHP).

MAIN FEATURES:

-Indexing

-Efficient File Analysis

-Dynamic Timeline

-File Categorization

-Image Gallery

-Indexing Keyword Search

-Personal Bookmark Section

-Case features shared by: Multiple investigators and case lock

Other features:

-Easier to use, PTK is based on Ajax.

-PTK is a dynamic web application with centralised -Database. More investigatots can work on the same case at te same time.