Forensics Automated Tool Environment (FATE)
What is FATE?
It is a collection of scripts/tools that I use every day when doing forensics. The files in the plugins directory can be individually ran against a data set or all of the plugins can be ran against a data set. The primary purpose of the tool is to make forensics easier by being able to run a series of tools on a data set. Then after it has finished running, review the output.
Data Sets
There are several ways of collecting data. When collecting data, make sure that it is collect and organized in such a way that the file with something interesting can be traced back to the source machine. For example, FRAC creates a directory with the machine name and then re-creates the path the file was found in.