AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Osforensics old version11/14/2023 There are many different open source licenses but they all must comply with the Open Source Definition - in brief: the software can be freely used, modified and shared. Programs released under this license can be used at no cost for both personal and commercial purposes. Open Source software is software with source code that anyone can inspect, modify or enhance. Freeware products can be used free of charge for both personal and professional (commercial use). Limited functionality.įreeware programs can be downloaded used free of charge and without any time limitations. Browse Volume Shadow copies to see past versions of files.Discover and reveal hidden areas in your hard disk.Password recovery from web browsers, decryption of office documents.Uncover recent activity of website visits, downloads, and logins.Search through email archives from Outlook, ThunderBird, Mozilla and more.Search within file contents using the Zoom search engine.Find files faster, search by filename, size and time.Customizable System Information Gathering.Multi-core acceleration for file decryption.Disk indexing and searching not restricted to a fixed number of files.List and search for alternate file streams.Restoration of multiple deleted files in one operation.No limits on the number of cases being managed through OSForensics.Customizable system information gathering.In addition, the Web Browser can capture all or a subset of linked pages (up to a single level) Features and Highlights The Web Browser can be optionally configured to capture the webpages from a user-specified list of URLs. It provides a basic web viewer with the ability to load web pages from the web and save screen captures of web pages to the case. This will allow for the discovery of changes to files and even view possible deleted files. Shadow copies provide a glimpse of the volume at a point in time in the past. ![]() The app includes built-in support for accessing Volume Shadow Copies. The Host Protected Area (HPA) and Device Configuration Overlay (DCO) are features for hiding sectors of a hard disk from being accessible to the end-user. It can discover and expose the HPA and DCO hidden areas of a hard disk, which can be used for malicious intent including hiding illegal data. Blacklisted URLs are also reported, showing the user has visited the site but elected not to store a password in the browser. Data recovered include, the URL of the website (usually HTTPS), the login username, the site's password, the browser used to access the site & the Windows user name. This can be done on the live machine or from an image of a hard drive. With the program, you can recover browser passwords from Chrome, Edge, IE, Firefox, and Opera. This is especially useful for identifying trends and patterns of the user, and any material or accounts that have been accessed recently. OSForensics scans your system for evidence of recent activity, such as accessed websites, USB drives, wireless networks, recent downloads, website logins, and website passwords. A value towards 100 means that the deleted file is largely intact, with only a few missing clusters of data. ![]() Each deleted file found is displayed with a corresponding Quality indicator between 0-100. This allows you to review the files that the user may have attempted to destroy. OSForensics allows you to recover and search deleted files, even after they have been removed from the Recycle Bin. OS Forensics allows you to perform full-text searches within email archives used by many popular e-mail programs such as Microsoft Outlook, Mozilla Thunderbird, Outlook Express, and more. This can take some time but it is what allows for repeated fast searches later on. The first stage in being able to search emails is to create an index of the archives in question. This includes the Timeline View which allows you to sift through the matches on a timeline, making evident the pattern of user activity on the machine. Results are returned and made available in several different useful views. You can search by filename, size, creation and modified dates, and other criteria. It provides one of the fastest and most powerful ways to locate files on a Windows computer. So it is possible to correctly index a DOCX file attached to an E-mail in a PST file which is in turn compressed in a ZIPX file. This includes: DOC, DOCX, PDF, PPT, XLS, RTF, WPD, SWF, DJVU, JPG, GIF, PNG, TIFF, MP3, DWF, DOCX, PPTX, XLSX, MHT, ZIP, PST, MBOX, MSG, DBX, ZIP, ZIPX, RAR, ISO, TAR, 7z and more. ![]() Enjoy! OSForensics can index the content of a huge variety of file formats. Manage your digital investigation and create reports from collected forensic data. Identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory, and binary data. OSForensics lets you extract forensic evidence from computers quickly with high-performance file searches and indexing.
0 Comments
Read More
Leave a Reply. |