Forensic Toolkit

From ForensicsWiki
Revision as of 17:29, 21 March 2006 by Pw (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Forensics Toolkit

This Fort Worth based company makes forensics software and packages it with portable hardware for investigators in the field with desktop workstations for offices.



File Systems Understood

  • Outlook (PST)
  • AOL
  • Web based email like Yahoo and Hotmail.
  • Eudora
  • MSN Mail
  • NTFS
  • FAT
  • Ext2, Ext3
  • Compressed files iwth WinZip, GZip, Tar and others

File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords and regular expressions.

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • Can use basic keyword searching.
  • Offers full-text indexing powered by dtSearch.
  • Search can be focused on "internet text"

Hash Databases

  • MD5
  • Searches with "Known File Filter" (Nist and Hashkeeper)

Evidence Collection Features

Can it sign files? Does it keep an audit log?


License Notes

Is it commercial or open source? Are there other licensing options?

External Links

[ Website}

External Reviews