Appendix D: ForensicsTools


This appendix should acquaint you with some of the better-known forensics tools that are available on the market. These tools, along with those described in Chapter 8, should give you a great start in figuring out what you need to put into your forensics toolbox.

Forensics Tool Suites

Forensics suites make processing and organizing large case files easier. These tools combine the functionality of many different, smaller applications and provide a common interface from which to conduct an electronic investigation.

Ultimate Toolkit

AccessData Ultimate Toolkit (UTK) is the industry's most comprehensive set of tools for password acquisition and forensic examination of digital evidence. UTK includes advanced decryption; password recovery; full-text indexing and searching; deleted file recovery; e-mail, Registry and graphics analysis; auto-reporting wizards; and more. UTK includes the following AccessData products: Password Recovery Toolkit; Registry Viewer; Forensic Toolkit; 100-client license for Distributed Network Attack; WipeDrive; NT Login Access Utility, and a one-year subscription and maintenance service. The robust toolset of UTK is maximized by individuals who complete the AccessData BootCamp and other AccessData professional training courses on cryptography and forensics. To obtain additional information about AccessData , visit http://www.accessdata.com .

Maresware

Maresware is computer forensics software that provides a set of tools for investigating and analyzing computer records and data.

It is flexible to meet the needs of all types of investigators , analysts, auditors , and information technology (IT) administrators. The software is useful for forensic analysis, data administration, drive wiping, and forensic auditing. It is command-line driven for flexibility, speed, and unattended operation. It can be used to help provide compliance with HIPAA and other privacy of information regulations. To obtain additional information about Maresware, visit http://www.dmares.com .

X-Ways Forensics

X-Ways Forensics is the most resource-efficient forensics tool on the market. It offers versatile functionality for the digital evidence collection process. X-Ways Forensics supports case management, automated report generation, direct access to drive images, various data recovery techniques, and other baseline methods of the trade. It also possesses time-saving capabilities such as skin color percentage calculation for all image files found, and it thwarts various data-hiding techniques such as host-protected areas, NTFS alternative data streams, and falsified filename extensions. X-Ways Trace is an accessory that deciphers and displays the browser history and the Windows recycle bin log. To obtain additional information about X-Ways Forensics, visit http://www.x-ways.net .

Forensicware

Forensicware Solution from StepaNet Communications, Inc. provides 20 essential tools for the computer forensic investigator . These tools build on and complement acquisition and analysis packages such as EnCase from Guidance Software and Forensic Toolkit from AccessData, just to name a few. Data parsing, file extraction, link file metadata, and file and directory cataloging are just a few of Forensicware Solution's many capabilities. Forensicware Solution makes the job of advanced data recovery easy. To obtain additional information about Forensicware, visit http://www.datalifter.com .




Computer Forensics JumpStart
Computer Forensics JumpStart
ISBN: 0470931663
EAN: 2147483647
Year: 2004
Pages: 153

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net