solevant logo
The Sleuth Kit logo

The Sleuth Kit

by Sleuth Kit Labs
No reviews yet
ActiveFree tier
Quick facts
VendorSleuth Kit Labs
Year launchedN/A
StatusActive
LocationN/A
Countries servedN/A
Languages1
IntegrationsN/A
Free tierYES
Free trialNO
Contact salesNO

About The Sleuth Kit

A C library and collection of open source command line tools for the forensic analysis of file systems like NTFS, FAT, EXT2FS, and FFS. It allows investigation of disk images and can be incorporated into larger digital forensics tools.

The Sleuth Kit (TSK) is an open-source digital forensics toolkit from Sleuth Kit Labs. It consists of a C library and a collection of command-line tools designed for in-depth analysis of disk images and file systems. TSK is a foundational engine that powers many other forensic tools, including the popular graphical interface Autopsy. It is aimed at digital investigators, law enforcement, and incident responders who need to perform detailed, low-level analysis of file systems such as NTFS, FAT, and ExtFS. As an open-source project, it is free to download and use. Support is available through community forums, with commercial training and support offered separately by Sleuth Kit Labs.

Pros & Cons

Pros
  • Completely open source and free to use for forensic analysis.
  • Provides a foundational C library for building custom forensic tools.
  • Supports a variety of common file systems for broad compatibility.
  • Serves as the underlying engine for the widely-used Autopsy GUI forensic tool.
Cons
  • The command-line interface can be challenging for users without a technical background.
  • Lacks a native graphical user interface; requires a separate tool like Autopsy for visual analysis.
  • Official support is primarily community-based, with paid options for dedicated support.

Features

Key features

File System Analysis

Analyzes volume and file system data from disk images.

Command Line Tools

Provides a collection of utilities for direct investigation of digital evidence.

C Library

Core functionality can be incorporated into larger custom digital forensics applications.

Multi-File System Support

Natively analyzes NTFS, FAT, EXT2FS, and FFS file systems.

Open Source

Freely available for use and integration into other forensic tools.

Pricing

Free trial
Free version
Request a quote
Promo Offer

Countries & Languages

Countries served
1
Interface languages
Billing currencies

Interface languages

English

Reviews

No reviews yet

Be the first to drop a review

Alternatives to The Sleuth Kit

GeoShield logo

GeoShield

GeoShield is a policing software from GeoShield that provides solutions for command staff and crime…

CRIMEWATCH logo

CRIMEWATCH

CRIMEWATCH is a public safety platform that connects law enforcement agencies with their communities.

Rave 911 Suite logo

Rave 911 Suite

Rave 911 Suite is a public safety software from Rave Mobile Safety that provides capable…

Recoveryfix PST Password Recovery logo

Recoveryfix PST Password Recovery

Recoveryfix PST Password Recovery is an exceptionally reliable, lightweight tool built to handle a specific…

FARO Zone 3D (FARO.com) logo

FARO Zone 3D (FARO.com)

FARO Zone 3D is a forensic visualization software from FARO that supports the analysis, reconstruction,…

Autopsy logo

Autopsy

Autopsy is a digital forensics software from Sleuth Kit Labs that provides a comprehensive open-source…

Spot something wrong or outdated?

Suggest a correction — a reviewer verifies every change.

Often compared with The Sleuth Kit

Compare any two tools →
GeoShield logo
GeoShield
Law Enforcement
0.0
CRIMEWATCH logo
CRIMEWATCH
Incident Management
0.0
Rave 911 Suite logo
Rave 911 Suite
Law Enforcement
0.0
Recoveryfix PST Password Recovery logo
Recoveryfix PST Password Recovery
Password Management
0.0