Which command-line tool is utilized for investigating disk images in digital forensics?

Study for the EC-Council Digital Forensics Essentials (DFE) Test. Enhance your skills with multiple choice questions, each with detailed hints and explanations. Get ready to ace your exam!

The command-line tool utilized for investigating disk images in digital forensics is The Sleuth Kit. This suite of open-source forensic tools is widely recognized for its capability to analyze disk images and file systems at a deeper level. The Sleuth Kit includes various command-line utilities that allow forensic investigators to examine data structures and recover files from a wide range of file systems, making it particularly effective for low-level investigations.

The Sleuth Kit is designed to analyze various disk image formats, and its tools extract and analyze data from disk images without modifying the original data. This is critical in digital forensics, where maintaining the integrity of the evidence is paramount.

The other tools mentioned may have capabilities related to disk image investigation but are either primarily graphical interfaces, such as FTK Imager and Autopsy, or do not focus specifically on command-line interrogation of disk images. While WinHex and FTK Imager are useful in the forensic toolkit, The Sleuth Kit stands out as a dedicated command-line solution tailored for in-depth investigative work on disk images.
