Which application provides a GUI for a command-line forensic toolkit known as The Sleuth Kit?

The Sleuth Kit is a collection of command-line tools that are used for digital forensics, especially in the analysis of computer file systems. Autopsy serves as a graphical user interface (GUI) that allows users to access and utilize the powerful features of The Sleuth Kit in a more user-friendly manner. This makes it easier for forensic investigators to perform case analysis without requiring extensive command-line knowledge, thereby streamlining the process of examining digital evidence.

By providing features such as timeline analysis, file analysis, keyword search, and reporting capabilities, Autopsy enhances the capabilities of The Sleuth Kit while making it accessible to a broader range of users. It effectively bridges the gap between complex forensic analysis and practical, hands-on investigations in a way that is visually intuitive.

In contrast, other applications listed such as FTK Imager, EnCase, and Wireshark serve different purposes in the field of digital forensics. FTK Imager is primarily for creating forensic images, EnCase is a comprehensive digital investigation software suite with its own proprietary tools, and Wireshark is specifically focused on network protocol analysis rather than file system analysis. Thus, Autopsy is the choice that aligns with the GUI support for The Sleuth Kit, making it the correct answer