The Sleuth Kit

LSE top 100LSE top 100The Sleuth Kit (45)The Sleuth Kit (45)

Tool and Usage

Project details

Programming language
Brian Carrier
Latest release
Latest release date

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

The Sleuth Kit is a forensics tool to analyze volume and file system data on disk images. With its modular design, it can be used to carve out the right data, find evidence, and use it for digital forensics.

Usage and audience

The Sleuth Kit is commonly used for criminal investigations, digital forensics, or file system analysis. Target users for this tool are forensic specialists and security professionals.


  • Command line interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + More than 50 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available
  • + Well-known tool

Author and Maintainers

The Sleuth Kit is under development by Brian Carrier.


Supported operating systems

The Sleuth Kit is known to work on Linux.

The Sleuth Kit alternatives

Similar tools to The Sleuth Kit:


GRR Rapid Response

GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.



MIG, or Mozilla InvestiGator, is a security tool to perform forensic investigation in real-time on Linux, macOS, and Windows systems.



Volatile memory framework used for forensics and analysis purposes. The framework is written in Python and runs on almost all platforms.

All The Sleuth Kit alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information