GetSlack - Forensic Data Capture Utility

DoD Tested and Certified!

This software is used to capture all of the file slack contained on a logical hard disk drive or floppy diskette on a DOS, Windows, Windows 95 and/or Windows 98 computer system. The resulting output from GetSlack can be analyzed with standard computer utilities or with special NTI tools, e.g., Filter_G and NTA Stealth software. GetSlack software is an ideal computer forensics tool for use in investigations, internal audits and computer security reviews. NTI places special importance on the use of this tool in computer security risk assessments because memory dumps in file slack are a cause for security-related concerns. Typically, network logons and passwords are found in file slack. It is also possible for passwords used in file encryption to be stored as memory dumps in file slack.

From an investigative standpoint, file slack is a target-rich environment for finding leads and evidence. File slack can contain leads and evidence in the form of fragments of word processing communications, Internet e-mail communications, Internet chat room communications, Internet news group communications and Internet browsing activity. As a result, this program is a good tool for use in computer-related investigations. It also acts as a good validation tool for use with computer security programs that are designed to eliminate file slack, e.g., NTI's M-Sweep Pro ambient data scrubbing software. File slack is a significant source of computer security leakage. The program and its uses are described in Computer Forensics, Incident Response Essentials by Warren G. Kruse II and Jay G. Heiser; Cyber Crime Investigator's Field Guide by Bruce Middleton; and Cybersecurity Operations Handbook by Dr. John W. Rittinghouse and Dr. William M. Hancock.

GetSlack Software - Primary Uses:

GetSlack Software - Program Features and Benefits:

The current release is version 1.7 and the GSA Product Number is GS1.7.

