image-2

Data Dump(dd) to Create a Forensic Image with Linux 

There are a few Linux distributions designed specifically for digital forensics. These flavors contain examiner tools, and are configured not to mount (or mount as read only) a connected storage media. The Data Dump(dd) command is available on all Linux distributions and is able to read and write to an unmounted drive because it is Read More