Forensic Software





Forensic Software
During the 1980s, most digital forensic investigations consisted of "live analysis", examining digital media directly using non-specialist tools. In the 1990s, several freeware and other proprietary tools (both hardware and software) were created to allow investigations to take place without modifying media. This first set of tools mainly focused on computer forensics, although in recent years similar tools have evolved for the field of mobile device forensics. This list includes notable examples of digital forensic tools.

Forensics-focused operating systems
Debian-based
* Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, formerly known as BackTrack.
* Parrot Security OS is a cloud-oriented Linux distribution based on Debian and designed to perform security and penetration tests, do forensic analysis, or act in anonymity. It uses the MATE Desktop Environment, Linux Kernel 4.6 or highe ...



Digital Forensics
Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery, investigation, examination and analysis of material found in digital devices, often in relation to mobile devices and computer crime. The term digital forensics was originally used as a synonym for computer forensics but has expanded to cover investigation of all devices capable of storing digital data. With roots in the personal computing revolution of the late 1970s and early 1980s, the discipline evolved in a haphazard manner during the 1990s, and it was not until the early 21st century that national policies emerged. Digital forensics investigations have a variety of applications. The most common is to support or refute a hypothesis before criminal or civil courts. Criminal cases involve the alleged breaking of laws that are defined by legislation and that are enforced by the police and prosecuted by the state, such as murder, theft and assault agai ...


Digital Forensics Framework
Digital Forensics Framework (DFF) was open-source computer forensics software. It is used by professionals and non-experts to collect, preserve and reveal digital evidence without compromising systems and data.

User interfaces
Digital Forensics Framework offers a graphical user interface (GUI) developed in PyQt and a classical tree view. Features such as recursive view, tagging, live search and bookmarking are available. Its command line interface allows the user to remotely perform digital investigation. It comes with common shell functions such as completion, task management, globbing and keyboard shortcuts. DFF can run batch scripts at startup to automate repetitive tasks. Advanced users and developers can use DFF directly from a Python interpreter to script their investigation.

Distribution methods
In addition to the source code package and binary installers for Linux and Windows, Digital Forensics Framework is available in operating system distributions as is typical in f ...



LAMP (software Bundle)
LAMP (Linux, Apache, MySQL, PHP/Perl/Python) is an acronym denoting one of the most common software stacks for many of the web's most popular applications. However, LAMP now refers to a generic software stack model and its components are largely interchangeable. Each letter in the acronym stands for one of its four open-source building blocks:
* Linux for the operating system
* Apache HTTP Server
* MySQL for the relational database management system
* PHP, Perl, or Python programming language
The components of the LAMP stack are present in the software repositories of most Linux distributions.

History
The acronym LAMP was coined by Michael Kunze in the December 1998 issue of Computertechnik, a German computing magazine, as he demonstrated that a bundle of free and open-source software "could be a feasible alternative to expensive commercial packages". Since then, O'Reilly Media and MySQL teamed up to popularize the acronym and evangelize its use. The term and th ...


PTK Forensics
PTK Forensics (PTK) was a non-free, commercial GUI for old versions of the digital forensics tool The Sleuth Kit (TSK). It also includes a number of other software modules for investigating digital media. The software is no longer developed. PTK runs as a GUI for The Sleuth Kit, acquiring and indexing digital media for investigation. Indexes are stored in an SQL database for searching as part of a digital investigation. PTK calculates a hash signature (using SHA-1 and MD5) for acquired media for verification and consistency purposes. ...



MacOS
macOS (previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac computers. Within the market of desktop and laptop computers it is the second most widely used desktop OS, after Microsoft Windows and ahead of ChromeOS. macOS succeeded the classic Mac OS, a Mac operating system with nine releases from 1984 to 1999. During this time, Apple cofounder Steve Jobs had left Apple and started another company, NeXT, developing the NeXTSTEP platform that would later be acquired by Apple to form the basis of macOS. The first desktop version, Mac OS X 10.0, was released in March 2001, with its first update, 10.1, arriving later that year. All releases from Mac OS X 10.5 Leopard and after are UNIX 03 certified, with an exception for OS X 10.7 Lion. Apple's other operating systems (iOS, iPadOS, watchOS, tvOS, audioOS) are derivatives of macOS. A promi ...



Microsoft Windows
Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry: for example, Windows NT for consumers, Windows Server for servers, and Windows IoT for embedded systems. Defunct Windows families include Windows 9x, Windows Mobile, and Windows Phone. The first version of Windows was released on November 20, 1985, as a graphical operating system shell for MS-DOS in response to the growing interest in graphical user interfaces (GUIs). Windows is the most popular desktop operating system in the world, with 75% market share, according to StatCounter. However, Windows is not the most used operating system when including both mobile and desktop OSes, due to Android's massive growth. The most recent version of Windows is Windows 11 for consumer PCs and tablets, Windows 11 Enterprise for corporations, and Windows Server 2022 for servers.

Genealogy
By marketing ...


LGPL
The GNU Lesser General Public License (LGPL) is a free-software license published by the Free Software Foundation (FSF). The license allows developers and companies to use and integrate a software component released under the LGPL into their own (even proprietary) software without being required by the terms of a strong copyleft license to release the source code of their own components. However, any developer who modifies an LGPL-covered component is required to make their modified version available under the same LGPL license. For proprietary software, code under the LGPL is usually used in the form of a shared library, so that there is a clear separation between the proprietary and LGPL components. The LGPL is primarily used for software libraries, although it is also used by some stand-alone applications. The LGPL was developed as a compromise between the strong copyleft of the GNU General Public License (GPL) and more permissive licenses such as the BSD licenses and the MIT L ...




Open Computer Forensics Architecture
The Open Computer Forensics Architecture (OCFA) is a distributed open-source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police.

Architecture
OCFA consists of a back end for the Linux platform. It uses a PostgreSQL database for data storage, a custom content-addressable storage or CarvFS-based data repository, and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues. The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img, and mbx2mbox. OCFA is extensible in C++ or Java. ...



Netherlands Forensic Institute
The Netherlands Forensic Institute (Dutch: Nederlands Forensisch Instituut) is the national forensics institute of the Netherlands, located in the Ypenburg quarter of The Hague. It is an autonomous division of the Dutch Ministry of Security and Justice and falls under the Directorate-General for the Administration of Justice and Law Enforcement.

History
On 30 July 1945, the government decided to set up a Justice Laboratory. Three years later, on 4 November 1948, the laboratory became a department of the Ministry of Justice. A similar institution was founded in 1951: Gerechtelijk Geneeskundig Laboratorium (Judicial Medical Laboratory), which was later renamed Laboratorium voor Gerechtelijke Pathologie (Laboratory for Judicial Pathology), located in the building in The Hague that was later used by Europol. Pathologist Dr. Jan Zeldenrust was the first CEO of this laboratory. On 1 November 1999, the two laboratories merged into the Nederlands Forensisch Ins ...


IsoBuster
IsoBuster is a data recovery computer program by Smart Projects, a Belgian company founded in 1995 by Peter Van Hove. As of version 3.0, it can recover data from damaged file systems or physically damaged disks including optical discs, hard disk drives, USB flash drives and solid-state disks. It has the ability to access "deleted" data on multisession optical discs, and allows users to access disc images (including ISO, BIN and NRG) and to extract files in the same way that they would from a ZIP archive. IsoBuster is also often used by law enforcement and data forensics experts. ...


Forensic Toolkit
Forensic Toolkit, or FTK, is computer forensics software made by AccessData. It scans a hard drive looking for various information. It can, for example, potentially locate deleted emails and scan a disk for text strings to use them as a password dictionary to crack encryption. FTK is also associated with a standalone disk imaging program called FTK Imager. This tool saves an image of a hard disk in one file or in segments that may later be reconstructed. It calculates MD5 and SHA1 hash values and can verify that the imaged data is consistent with the created forensic image. The forensic image can be saved in several formats, including DD/raw, E01, and AD1.


Guidance Software
Guidance Software, Inc. was a public company (NASDAQ: GUID) founded in 1997. Headquartered in Pasadena, California, the company developed and provided software solutions for digital investigations primarily in the United States, Europe, the Middle East, Africa, and the Asia/Pacific Rim. Guidance Software had offices in Brazil, Chicago, Houston, New York City, San Francisco, Singapore, United Kingdom and Washington, D.C. and employed approximately 371 employees. On September 14, 2017, the company was acquired by OpenText. Best known for its EnCase digital investigations software, Guidance Software's product line was organized around four markets: digital forensics, endpoint security analytics, cyber security incident response, and e-discovery. The company served law-enforcement and government agencies, as well as corporations in various industries, such as financial and insurance services, technology, defense contracting, telecom, pharmaceutical, healthcare, manufacturing, and ret ...