Difference between revisions of "SMART"

From ForensicsWiki
Jump to: navigation, search
(Removed cut'n'pasted description for obvious legal reasons. Various fixes.)
Line 1: Line 1:
=SMART=
+
'''SMART''' is a commercial forensics software package distributed by [[ASR Data]].
+
 
+
[http://www.asrdata.com/ Website]
+
 
+
  
 
=Features=
 
=Features=
 
SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with the intention of integrating technical, legal and end-user requirements into a complete package that enables the user to perform their job most effectively and efficiently.
 
 
SMART is more than a stand-alone data forensic program. The features of SMART allow it to be used in many scenarios, including:
 
 
    *  "Knock-and-talk" inquiries and investigations
 
    *  on-site or remote preview of a target system
 
    *  post mortem analysis of a dead system
 
    *  testing and verification of other forensic programs
 
    *  conversion of proprietary "evidence file" formats
 
    *  baselining of a system
 
 
 
Who Uses SMART?
 
SMART is currently utilized by:
 
 
    *  Federal, State and local Law Enforcement
 
    *  U.S. Military and Intelligence Organizations
 
    *  Accounting Firms
 
    *  Data forensic examiners
 
    *  Data recovery specialists
 
    *  Disaster recovery professionals
 
    *  Information security professionals
 
    *  Health care privacy professionals
 
    *  Internal auditors
 
    *  System Administrators
 
 
  
 
==File Systems Understood==
 
==File Systems Understood==
 
(unknown)
 
  
 
==File Search Facilities==
 
==File Search Facilities==
Line 43: Line 10:
 
* Sorts files by type.
 
* Sorts files by type.
 
* Searches for keywords and regex.
 
* Searches for keywords and regex.
* Registry Viewer
+
* [[Registry viewer]].
  
 
==Historical Reconstruction==
 
==Historical Reconstruction==
Line 51: Line 18:
 
==Searching Abilities==
 
==Searching Abilities==
  
* Can use basic keyword searching.  
+
* Can use basic keyword searching.
  
 
==Hash Databases==
 
==Hash Databases==
  
* SHA
+
* [[SHA]]
* MD5
+
* [[MD5]]
* CRC
+
* [[CRC]]
 
+
  
 
==Evidence Collection Features==
 
==Evidence Collection Features==
  
"Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report."
+
* "''Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report.''"
  
 
=History=
 
=History=
 
 
  
 
==License Notes==
 
==License Notes==
Line 74: Line 38:
 
= External Links =
 
= External Links =
 
   
 
   
[http://www.asrdata.com/Website}
+
* [http://www.asrdata.com/ Official website]
  
 
==External Reviews==
 
==External Reviews==

Revision as of 16:15, 21 March 2006

SMART is a commercial forensics software package distributed by ASR Data.

Features

File Systems Understood

File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords and regex.
  • Registry viewer.

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • Can use basic keyword searching.

Hash Databases

Evidence Collection Features

  • "Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report."

History

License Notes

Is it commercial or open source? Are there other licensing options?

External Links

External Reviews