O'Reilly logo

Kali Linux 2: Windows Penetration Testing by Bo Weaver, Wolf Halton

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exploring Guymager

On most forensic projects, you will work from an image, so first let's get an image to work with. Guymager is a forensic imager for media acquisition. It has a nice GUI and saves images out in several formats used in forensic imaging. The application will also make a clone of a drive. You can find Guymager in the Usual applications | System Tools menu:

Exploring Guymager

Guymager has two modes of saving files:

  1. The acquire mode, where you might want an image for digital evidence.
  2. The clone mode, in case you need the entire partition duplicated.

The difference is, in acquire mode the image is digitally signed with a checksum and other information to ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required