Hi there! I love your videos and they are very informative. One question, to capture a live image of a computer using FTK Imager, do I need to have some type of a bootable USB flash? If so, how would you recommend me going about it? Thanks!
Thanks for the compliment! To capture a live image where you dont want to reboot the machine, all you need is to copy the installed folder of FTK Imager on a regular USB. There used to be a different version of Imager called Lite for that very purpose. Some things to note: make sure the USB is formatted to FAT32 or NTFS so that it is compatible with the target Windows machine. Also when you are imaging a live machine, the operating system is changing the hard drive so you will not be able to replicate the same resulting image if you perform another imaging process. And on an unrelated subject that you had asked about, to create a bootable USB with a bootable OS, see this video: ruclips.net/video/14YIkiGd0jQ/видео.htmlsi=01z3WB6hR5hUubHn
Hi there. I am very grateful for the lessons on RUclips that you have shared. Can you give me advice, experience or send me documents related to digital forensics. Thank you very much
I can offer general advice but it would be more helpful to you if you can tell me what country you are in, are you trying to get into the digital forensics field, and what experience you have. You can DM me on twitter if you dont want to post here.
Unfortunately FTKImager is no longer available with CAINE versions 12 and newer as there wasn’t room on the ISO for a Windows partition anymore. You can still download FTKImager free from the AccessData/Exterro website.
Hi there! I love your videos and they are very informative. One question, to capture a live image of a computer using FTK Imager, do I need to have some type of a bootable USB flash? If so, how would you recommend me going about it? Thanks!
Thanks for the compliment! To capture a live image where you dont want to reboot the machine, all you need is to copy the installed folder of FTK Imager on a regular USB. There used to be a different version of Imager called Lite for that very purpose.
Some things to note: make sure the USB is formatted to FAT32 or NTFS so that it is compatible with the target Windows machine. Also when you are imaging a live machine, the operating system is changing the hard drive so you will not be able to replicate the same resulting image if you perform another imaging process.
And on an unrelated subject that you had asked about, to create a bootable USB with a bootable OS, see this video:
ruclips.net/video/14YIkiGd0jQ/видео.htmlsi=01z3WB6hR5hUubHn
@@BlueMonkey4n6 Thank you so much!
Hi there. I am very grateful for the lessons on RUclips that you have shared. Can you give me advice, experience or send me documents related to digital forensics. Thank you very much
I can offer general advice but it would be more helpful to you if you can tell me what country you are in, are you trying to get into the digital forensics field, and what experience you have. You can DM me on twitter if you dont want to post here.
I iive in Vietnam.thank bro
Is FTKImager available in CAINE ? Because I can't seem to find it in my iso (which was downloaded from the official website)
Unfortunately FTKImager is no longer available with CAINE versions 12 and newer as there wasn’t room on the ISO for a Windows partition anymore. You can still download FTKImager free from the AccessData/Exterro website.
@@BlueMonkey4n6 Thank you for your clarification ! Loved the videos, they helped a lot !