Maybe there are many digital forensics tools out there. The most famous is EnCase. It is not fully automated though. You need to learn how to use EnCase and some of the features, of course, pretty useful. But, when you are working on a case that has big capacity storage media e.g. 1 Terabyte…it can be quite stressful…
I guess it depends to individual whether you like to use EnCase or FTK.
Like myself, I’m more convenient with WinHex…but you really need to know what you are doing. WinHex is manual…and I find it quite flexible to use. If you are called as an Expert Witness, it is easier to explain when you analyze a case using WinHex.
It is just like a knife…and you can do anything with it…
Btw, I have these three tools to verify the output of the overall analysis.
