|
Forensic Software
During the 1980s, most digital forensics, digital forensic investigations consisted of "live analysis", examining digital media directly using non-specialist tools. In the 1990s, several freeware and other proprietary tools (both hardware and software) were created to allow investigations to take place without modifying media. This first set of tools mainly focused on computer forensics, although in recent years similar tools have evolved for the field of mobile device forensics. This list includes notable examples of digital forensic tools. Forensics-focused operating systems Debian-based * Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing, formerly known as BackTrack. * Parrot Security OS is a cloud computing, cloud-oriented Linux distribution based on Debian and designed to perform security and penetration tests, do forensic analysis, or act in anonymity. It uses the MATE Desktop Environment, Linux Kernel 4.6 or higher ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Digital Forensics
Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and computer crime. The term "digital forensics" was originally used as a synonym for computer forensics but has been expanded to cover investigation of all devices capable of Computer data storage, storing digital data. With roots in the Home computer#The Home Computer .22Revolution.22, personal computing revolution of the late 1970s and early 1980s, the discipline evolved in a haphazard manner during the 1990s, and it was not until the early 21st century that national policies emerged. Digital forensics investigations have a variety of applications. The most common is to support or refute a hypothesis before Criminal law, criminal or civil litigation, civil courts. Criminal cases involve the alleged breaking of laws that are defined by legislat ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PTK Forensics
PTK Forensics (PTK) was a non-free, commercial GUI for old versions of the digital forensics tool The Sleuth Kit (TSK). It also includes a number of other software modules for investigating digital media. The software is not developed anymore. PTK runs as a GUI interface for The Sleuth Kit, acquiring and indexing digital media for investigation. Indexes are stored in an SQL database for searching as part of a digital investigation. PTK calculates a hash signature (using SHA-1 and MD5 The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function MD4, and was specified in 1992 as Request for Comments, RFC 1321. MD5 ...) for acquired media for verification and consistency purposes. References External links SourceForge.net download site for PTK {{DEFAULTSORT:Ptk Forensics Computer forensics Digital forensics software ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
LGPL
The GNU Lesser General Public License (LGPL) is a free-software license published by the Free Software Foundation (FSF). The license allows developers and companies to use and integrate a software component released under the LGPL into their own (even proprietary) software without being required by the terms of a strong copyleft license to release the source code of their own components. However, any developer who modifies an LGPL-covered component is required to make their modified version available under the same LGPL license. For proprietary software, code under the LGPL is usually used in the form of a shared library, so that there is a clear separation between the proprietary and LGPL components. The LGPL is primarily used for software libraries, although it is also used by some stand-alone applications. The LGPL was developed as a compromise between the strong copyleft of the GNU General Public License (GPL) and more permissive licenses such as the BSD licenses and th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Computer Forensics Architecture
The Open Computer Forensics Architecture (OCFA) is a distributed open-source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police. Architecture OCFA consists of a back end for the Linux platform, it uses a PostgreSQL database for data storage, a custom Content-addressable storage or CarvFS based data repository and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues. The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img, and mbx2mbox. OCFA is extensible in C++ or Java. See also * List of digital forensics tools During the 1980s, most digital forensics, digital forensic investigations consisted of "live analysis", examining digital media directly using ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Netherlands Forensic Institute
The Netherlands Forensic Institute (Dutch ''Nederlands Forensisch Instituut'') is the national forensics institute of the Netherlands, located in the Ypenburg quarter of The Hague. It is a agency of the Dutch Ministry of Justice and Security and falls under the Directorate-General for the Administration of Justice and Law Enforcement. History On 30 July 1945, the government decided to set up a Justice Laboratory. Three years later, on 4 November 1948, the laboratory became a department of the Ministry of Justice. A similar institution was founded in 1951: ''Gerechtelijk Geneeskundig Laboratorium'' (Judicial Medical Laboratory), which was later renamed ''Laboratorium voor Gerechtelijke Pathologie'' Laboratory for Judicial Pathology which were located at the building in The Hague which was later used by Europol. Pathologist Dr. Jan Zeldenrust was the first director of this laboratory. On 1 November 1999, the two laboratories merged into the ''Nederlands Forensisch Instituut'' (Ne ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IsoBuster
IsoBuster is a data recovery computer program by Smart Projects, a Belgian company founded in 1995 by Peter Van Hove. As of version 3.0, it can recover data from damaged file systems or physically damaged disks including optical discs, hard disk drives, USB flash drives and solid-state disks. It has the ability to access "deleted" data on multisession optical discs, and allows users to access disc images (including ISO, BIN and NRG) and to extract files in the same way that they would from a ZIP archive. IsoBuster is also often used by law enforcement and data forensics experts. See also * List of data recovery software In computing, data recovery is a process of retrieving deleted, inaccessible, lost, corrupted, damaged, overwritten or formatted data from computer data storage#Secondary storage, secondary storage, removable media or Computer file, files, when ... References External links * Story by the author of IsoBuster, how it all began Windows-only shareware ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Forensic Toolkit
Forensic Toolkit, or FTK, is computer forensics software originally developed by AccessData, and now owned and actively developed by Exterro. It scans a hard drive looking for various information. It can, for example, potentially locate deleted emails and scan a disk for text strings to use them as a password dictionary to crack encryption. FTK is also associated with a standalone disk imaging program called FTK Imager. This tool saves an image of a hard disk in one file or in segments that may be later on reconstructed. It calculates MD5 and SHA1 hash values A hash function is any function that can be used to map data of arbitrary size to fixed-size values, though there are some hash functions that support variable-length output. The values returned by a hash function are called ''hash values'', ... and can verify the integrity of the data imaged is consistent with the created forensic image. The forensic image can be saved in several formats, including DD/raw, E01, and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Guidance Software
Guidance Software, Inc. was a publicly traded company founded in 1997 by Shawn McCreight. Headquartered in Pasadena, California, the company developed and provided software solutions for digital investigations primarily in the United States, Europe, the Middle East, Africa, and the Asia/Pacific Rim. Guidance Software had offices in Brazil, Chicago, Houston, New York City, San Francisco, Singapore, United Kingdom and Washington, D.C., and employed approximately 371 employees. On September 14, 2017, the company was acquired by OpenText. Best known for its EnCase digital investigations software, Guidance Software's product line was organized around four markets: digital forensics, endpoint security analytics, cyber security incident response, and e-discovery. The company served law-enforcement and government agencies, as well as corporations in various industries, such as financial and insurance services, technology, defense contracting, telecom, pharmaceutical, healthcare, manufact ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
EnCase
EnCase is the shared technology within a suite of digital investigations products by Guidance Software (acquired by OpenText in 2017). The software comes in several products designed for forensic, cyber security, security analytics, and e-discovery use. EnCase is traditionally used in forensics to recover evidence from seized hard drives. It allows the investigator to conduct in-depth analysis of user files to collect evidence such as documents, pictures, internet history and Windows Registry information. The company also offers EnCase training and certification. Data recovered by EnCase has been used in various court systems, such as in the cases of the BTK Killer and the murder of Danielle van Dam. Additional EnCase forensic work was documented in other cases such as the evidence provided for the Casey Anthony, Unabomber, and Mucko (Wakefield Massacre) cases. Company and Product Overview Guidance Software, and the Encase forensic tool, was originally created by Shawn H. M ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GNU General Public License
The GNU General Public Licenses (GNU GPL or simply GPL) are a series of widely used free software licenses, or ''copyleft'' licenses, that guarantee end users the freedom to run, study, share, or modify the software. The GPL was the first copyleft license available for general use. It was originally written by Richard Stallman, the founder of the Free Software Foundation (FSF), for the GNU Project. The license grants the recipients of a computer program the rights of the Free Software Definition. The licenses in the GPL series are all copyleft licenses, which means that any derivative work must be distributed under the same or equivalent license terms. The GPL is more restrictive than the GNU Lesser General Public License, and even more distinct from the more widely used permissive software licenses such as BSD, MIT, and Apache. Historically, the GPL license family has been one of the most popular software licenses in the free and open-source software (FOSS) domai ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
