Credit: teamdfir
Hey there, hope you all are doing well. In this blog, we will see how to install the SIFT (SANS Investigative Forensic Toolkit) Workstation, developed by the SANS Institute for digital forensics.
The SIFT Workstation is a collection of free and open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite. SIFT demonstrates that advanced incident response capabilities and deep-dive digital forensic techniques can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
Rob Lee
Let’s head over to the website Sans-Sift-Workstation. There are several ways to get the SIFT Workstation: as a VM, as a native Ubuntu installation, or on WSL. For now, let’s go with downloading the VM appliance. For that, we first need to create an account on SANS. After that, you can click the download button.
It will take you to a page where the OVA file is available to download. Go ahead and download the OVA file, and meet me when your download is finished.
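Before importing a multi-gigabyte appliance, it is worth checking that the download is intact. The script below is an added example, not part of the original post or of the SIFT project: it treats the OVA as the tar archive it is and checks each file against the digests in the embedded `.mf` manifest. The manifest is optional in the OVF format, and the page does not say whether the SIFT OVA carries one, so the script reports that case explicitly.

```python
import hashlib
import re
import sys
import tarfile

# OVF manifest line format, e.g. "SHA256(disk1.vmdk)= <hex digest>"
MF_LINE = re.compile(r"^(SHA1|SHA256|SHA512)\((.+)\)\s*=\s*([0-9a-fA-F]+)\s*$")


def verify_ova(path):
    """Return {member_name: True/False} for each file listed in the OVA's .mf.

    Raises ValueError if the archive has no manifest (it is optional in OVF).
    """
    results = {}
    with tarfile.open(path, "r:") as ova:  # an OVA is an uncompressed tar archive
        names = ova.getnames()
        manifests = [n for n in names if n.lower().endswith(".mf")]
        if not manifests:
            raise ValueError("no .mf manifest in OVA; nothing to check against")
        text = ova.extractfile(manifests[0]).read().decode("utf-8", "replace")
        for line in text.splitlines():
            m = MF_LINE.match(line.strip())
            if not m:
                continue
            algo, name, expected = m.group(1).lower(), m.group(2), m.group(3).lower()
            if name not in names:
                results[name] = False  # listed in the manifest but missing from the archive
                continue
            digest = hashlib.new(algo)
            member = ova.extractfile(name)
            for chunk in iter(lambda: member.read(1 << 20), b""):
                digest.update(chunk)  # stream in 1 MiB chunks; disk images are large
            results[name] = digest.hexdigest() == expected
    return results


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: verify_ova.py <path-to-downloaded.ova>")
    outcome = verify_ova(sys.argv[1])
    for name, ok in outcome.items():
        print(("OK       " if ok else "MISMATCH ") + name)
    sys.exit(0 if outcome and all(outcome.values()) else 1)
```

Because the manifest travels inside the archive, this catches a truncated or corrupted download, not a deliberately modified appliance.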
Alright guys, let’s move right into the installation part. Navigate to your download directory, right-click the downloaded OVA file, and open it with VMware Workstation.
VMware Workstation will ask you to set a new name for the VM along with a storage path, so go ahead and do that.
The import of the VM will finish after a bit, and we are now ready to go.
Let’s boot up the machine. It has this nice purple-pinkish login interface. Log in with the credentials sansforensics:forensics
Finally, we have our machine up and running with this awesome wallpaper!
From here, you will be prompted to upgrade the VM to the latest available distribution. Go ahead and do that, and we are ready with our SIFT Workstation. With this, we are done setting up our workstation for Digital Forensics & Incident Response. Hope you learned something, and let’s meet again later. See ya. (: