Description:OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data.
It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.
Search within Files
If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents. Powered by the technology behind Wrensoft's acclaimed Zoom Search Engine.
Search for Emails
An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
This allows for a fast text content search of any emails found on a system
Recover Deleted Files
After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.
Uncover Recent Activity
Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
Opened Documents
Web Browsing History
Connected USB Devices
Connected Network Shares
Collect System Information
Find out what's inside the computer. Detailed information about the hardware a system is running on:
CPU type and number of CPUs
Amount and type of RAM
Installed Hard Drives
Connected USB devices
and much more.
View Active Memory
Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.
Extract Logins and Passwords
Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.
Whats New :
Deleted Files - FileCarving
Fixed Crash. TIF file format has internal pointers to location within the file, when these pointer contains a corrupted/invalid value, it would possibly cause OSForensics to crash.
Added slider to configuration to allow selection of start and end percent/location of drive to carve.
Fixed possible crash when searching for HFS+ deleted files.
File Indexer
New Zoom build, fixed issues with not starting indexing on HFS image with "Invalid folder" errors.
Misc
Fixed retrieving file attributes on non-ntfs file systems
Fixed possible crash when access HFS+ filesystem
Added detection of file system for MBR partitions due to possible differences in reported partition type and actual file system
It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.
Search within Files
If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents. Powered by the technology behind Wrensoft's acclaimed Zoom Search Engine.
Search for Emails
An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
This allows for a fast text content search of any emails found on a system
Recover Deleted Files
After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.
Uncover Recent Activity
Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
Opened Documents
Web Browsing History
Connected USB Devices
Connected Network Shares
Collect System Information
Find out what's inside the computer. Detailed information about the hardware a system is running on:
CPU type and number of CPUs
Amount and type of RAM
Installed Hard Drives
Connected USB devices
and much more.
View Active Memory
Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.
Extract Logins and Passwords
Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.
Whats New :
Deleted Files - FileCarving
Fixed Crash. TIF file format has internal pointers to location within the file, when these pointer contains a corrupted/invalid value, it would possibly cause OSForensics to crash.
Added slider to configuration to allow selection of start and end percent/location of drive to carve.
Fixed possible crash when searching for HFS+ deleted files.
File Indexer
New Zoom build, fixed issues with not starting indexing on HFS image with "Invalid folder" errors.
Misc
Fixed retrieving file attributes on non-ntfs file systems
Fixed possible crash when access HFS+ filesystem
Added detection of file system for MBR partitions due to possible differences in reported partition type and actual file system
Out Of Topic Show Konversi KodeHide Konversi Kode Show EmoticonHide Emoticon