 Welcome back everyone today. We're going to be talking about how to compile Sleuth kit from source I'm in Linux right now, but the process on Mac OS X is the same for Windows I've never actually compiled it on Windows, so I'm not sure but I assume it's similar so on Linux Yeah, first we need to get the source code. I've already downloaded the source code using git So from github, they have all the source code up there and you can get the latest version basically and compile it yourself If you go to github.com slash sleuth kit slash sleuth kit, then you can just clone or download and clone Clone the code basically I'm in the opt directory, so I would do sudo git clone and then the git address Essentially Okay, but I've already done that to save a little bit of time So if we do LS then I have the sleuth kit so I can do CD sleuth kit Make sure you change the permissions of the sleuth kit so your user actually owns it if well Think about what permissions you want if you don't then you have to use sudo for all of these commands And you don't necessarily want to build something Using administrative privileges unless you absolutely have to whenever we install then we want administrative privileges with building We don't Okay, so I am inside the sleuth kit right now. I have all of the source source code downloaded using get and github So now I need to run Dot slash bootstrap right, so bootstrap will basically go through and Yeah, start to create the make file then I can do dot slash configure like normal And then it's going through and checking all of my dependencies and I've already installed Here I have a ff lib support. No, okay. That's a problem We have lib EWF support that I've already installed from the package manager in a bun 2 Zlib supports. I think that was installed by default Java J and I support no and multi-threading. Yes, so I'm gonna go back and look for a ff lib before we do this So I can do sudo apt apt cache search AFF lib And let's see what we find so I see this lib AFF lib dash dev and that's probably what I want So I want to do sudo apt install lib AFF lib dash dev and let's see if we can get this Okay, so now it's installed now. I want to run configure again. So dash slash configure Sorry dot slash configure Then it does all the checks again Okay, now we have support So basically if you were missing any of these features and I'm not going to install this Java J And I support right now But if you're missing any of these features then you can if you're in a bun 2 at least you can do sudo apt Cache search for example for lib EWF if we were missing that and then it will go through and tell you and most likely whenever we're Compiling we want these dev files. Okay, so lib EWF dev for example if you don't find The requirements in your package manager Then you will have to go out and manually compile these as well and maybe you want to do that anyway because In a bun 2 and and Debian, I don't think a ff lib and lib EWF are the newest versions So if you need the newest versions of these libraries, you need to manually compile them anyway Here I'm not really worried about the newest versions of these Because I don't use their features too much sometimes for experimentation and things like that But the versions that I have in the package manager are fine. I do want the newest version of sleuth kid. However, so Let's go back now. We have all of our requirements. We've already ran dot slash Configure right and we found out that our libraries all of our libraries that are requirements are okay Now I want to run make and Then I have eight processors. Okay, so I have eight eight Yeah, basically I have eight cores So I'm gonna run make dash J eight and that will make sure that I'm using all of my processors to to compile sleuth kid because sleuth kid does take a long time. So I'm gonna start this and Basically speed it up. So you don't have to look through the entire compilation process. I'm just running make dash J eight Okay, so now that's done that's done compiling We want to actually install it. So if I type for example right now MMLS, which is a sleuth kid command it says, okay, it's not installed. You can install it from your package manager Okay, but I want to install the newest version So we can now we need route or we need administrative privileges to install the programs we can do pseudo Make install Okay, so pseudo make install now it's installing then if I run MMLS dash capital V And I can see the sleuth kid version 4 3 1. Okay, so now we have the sleuth kid installed. That's it. Thank you very much If you like this video, please subscribe for more