Forensics Software this blog is explaining which of which of the software are using in forensic investigation in detail.
Password Cracking Tool: Cain & Abel
Source: http://www.oxid.it
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force, and Crypt analysis attacks, recording VolP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords, and analyzing routing protocols.
Data Recovery Tool: Recuva source: https://www.piriform.com
Recuva can recover lost pictures, music, documents, videos, emails or any other file type and it can also recover data from any rewriteable media like memory cards, external hard drives, USB sticks, etc.
Network Traffic Analysis Tool: Capsa Network Analyzer
Source: http://www.colasoft.com
Capsa Free is a network analyzer that allows monitoring of network traffic, troubleshooting network issues, and analyzing packets. Features include support for over 300 network protocols (including the ability to create and customize protocols), MSN, and Yahoo Messenger filters, email monitor and auto-save, and customization reports and dashboards.
Features:
- Extended network security analysis
- Versatile traffic & bandwidth statistics
- Advanced network protocol analysis
- Multiple network behavior monitoring
- Automatic expert network diagnosis
Forensics Software (Cont’d)
File Viewer Source: http://www.accessoryware.com
File Viewer is a Disk/File Utility that helps to locate, view, print, organize, and exchange files over the internet using e-mail components. It can search for many common file types, or groups of file types, display, print, organize or send files over the internet, find and display pictures, videos, sounds, music, text files, documents, spread sheets, database, and system files, locally over the LAN or on the Internet. Picture file types supported by the file viewer are JPG, JP 2000, OF, uncompressed TIF, TIFF, BMP, ICO, CUR, PCX, DCX, PCD, FPX, WMF, EMF, FAX, RAW, XPB, XPM, IFF, PBM, CUT, PSD, PNG, TGA, EPS, RAS, WPG, PCT, PCX, CLP, XWD, FLC, ANI, SGI, XBM, etc.
Imaging Tool: R-Drive Image Source: http://www.drive-image.com
R-Drive Image is a potent utility that provides creation of disk image files for backup or duplication purposes. R-Drive Image restores the images on the original disks, on any other partitions, or even on a hard drive’s free space. Using R-Drive Image, one can restore the system after heavy data loss caused by an operating system crash, virus attack, or hardware failure.
Features:
- A simple wizard interface
- Image file compression
- Removable media support
- Image files splitting
- Image Protection
File Type Conversion Software: File Viewer
Source: http://www.file-convert.com
FileMerlin converts word processing, spreadsheet, presentation and database files between a wide range of file formats. Widely regarded as the premier document conversion product, it is suitable for straightforward as well as complex documents, and is the most accurate, complete and flexible such solution that we know of.
Related Product : Computer Hacking Forensic Investigator
Forensics Software (Cont’d)
AccessData’s FTK source: http://accessdata.com
FTK is a court-cited digital investigations platform. It provides processing and indexing up front, so filtering and searching is fast. UK can be setup for distributed processing and incorporate web-based case management and collaborative analysis.
Guidance Software’s EnCase Source: https://www.guidancesoftware.com
- Rapidly acquire data from the widest variety of devices
- Unearth potential evidence with disk-level forensic analysis
- Produce comprehensive reports on your findings
- Maintain the integrity of your evidence in a format the courts have come to trust
Nuix Corporate Investigation Suite
source: http://www.nuix.com
The Nuix Corporate Investigation Suite is used to collect, process, analyze, review, and report on electron is evidence.
PALADIN Forensic Suite Source: https://www.sumuri.com
PALADIN is a modified “live” Linux distribution based on Ubuntu used to fulfill various forensics tasks in a forensically sound manner via the PALADIN Toolbox. PALADIN is available in 64-bit and 32-bit versions.
mail Xaminer Source: https://www.mailxaminer.com
It is used to search and uncover relevant information by conducting, coordinating, and real-time monitoring of a case with an investigative team to get thorough and unambiguous evidence in a court admissible file format.
OSForensics Source: http://www.osforensics.com
Extract forensic data from computers, and uncover the data hidden inside a P.
Hex Editor Neo Source: http://www.osforensics.com
Extract forensic data from computers, and uncover the data hidden inside a P.
Hex Editor Neo Source: http://www.hhdsoftware.com
Freeware Hex Editor Neo allows viewing, modifying, analyzing hexadecimal data and binary files, editing, exchanging data with other applications through the clipboard, inserting new data and deleting existing data, as well as performing other editing actions.
Bulk extractor Source: http://www.forensicswiki.org
The bulk extractor is a computer forensics tool that scans a disk image, a file or a directory of files and extracts useful information without parsing the file system or file system structures.
Xplico Source: http://www.xplico.org
The goal of Xplico is to extract the applications data contained from an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico is an open source Network Forensic Analysis Tool (NFAT).
The Sleuth Kit Source: http://www.sleuthkit.org
The Sleuth Kit is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them.
Forensics Software (Cont’d)
Autopsy Source: http://www.sleuthkit.org
Autopsy’ is a digital forensics platform and graphical interface to The Sleuth Kit’ and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate the happenings on a computer. It can even be used to recover photos from a camera’s memory card.
Oxygen Forensic Kit Source: http://www.oxygen-forensic.com
The Oxygen Forensic Kit is a ready-to-use and customizable mobile forensic solution for field and in-lab usage. It allows not only extraction of data from the device but also creates reports and analyzes data in the field.
Paraben’s DP2C Source: https://www.paraben.com
DP2C is a data targeted collection tool for triage forensics. DP2C is special software that runs from a USB drive and allows the collection of specific type of data from Windows-based systems to the evidence drive.
MiniTool Power Data Recovery Enterprise Source: http://www.minitool.com
MiniTool Power Data Recovery Enterprise Edition can recover data including images, texts, videos, music, and emails. It supports different data loss situations like important data lost because of deletion by mistake, formatting, logical damage, etc.
L0phtCrack Source: http://www.l0phtcrack.com
L0phtCrack is a password auditing and recovery software, It is packed with features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and network monitoring and decoding.
Ophcrack Source: http://ophcrack.sourceforge.net
Ophcrack is a free Windows password cracker based on rainbow tables. It comes with a Graphical User Interface and runs on multiple platforms.
Paraben’s P2C (P2 Commander) Source: https://www.paraben,com
P2C is a digital investigation tool used by forensic examiners. It has an integrated database with multi-threading. P2C was built on Paraben’s trusted email examination tools for unparalleled network email and personal email archive analysis.
IrfanView Source: http://www.irfanview.com
IrfanView is a small FREEWARE (for non-commercial use) graphic viewer for Windows 9x, ME, NT, 2000, XP, 2003 , 2008, Vista, Windows 7, Windows 8, Windows 10.
Also Read : Forensics Hardware
SnowBatch Source: http://www.snowbound.com
SnowBatch is a Windows-based image conversion and file conversion application that converts large batches of image or document files from one format to another.
Zamzar Source: http://www.zamzar.com
Zamzar supports over 1200 different conversions such as Video Converter, Audio Converter, Music Converter, eBook Converter, Image Converter, and CAD Converter.
Questions related to this topic
- What is forensic software?
- What are the three best forensic tools?
- Is FTK Toolkit free?
- What can computer forensics find?
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com