Difference between pages "Vendors" and "Gfzip"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Software Vendors)
 
m
 
Line 1: Line 1:
= Software Vendors =
+
{{Wikify}}
  
; [[AccessData]] - [[Forensic Toolkit]] ([[FTK]])
+
Generic Forensic Zip is a set of tools and libraries for creating and
: http://www.accessdata.com/products/
+
accessing randomly accessible forensic zip files of disk images.
 
+
These files that use an open format (gfzip) defined by this project,
; [[ASR Data]] - [[SMART]]
+
allow a dd disk image to be stored in compressed form and yet be
: http://www.asrdata.com/SMART/
+
randomly accessable through the libgfz library. A second library,
 
+
libgfzcreate is made available by this project to allow the creation
; [[BlackBag Technologies]]
+
of gfz files from programs used to acquire disk image data. Finally the
: http://www.blackbagtech.com/software.html
+
project includes a set of basic commandline tools for the creation
 
+
and verification of gfzip files and for restoring dd images from the
; [[Computer Forensic Analysis]]
+
gfz files. Next to compression, the gfzip files are made 'safe' for
: http://www.porcupine.org/forensics/
+
forensic use by the use of x509 certificates and the use of multi level
 
+
digests (sha256). The x509 certificate that is used to sign the gfz
; [[Computer Cop Forensic Examiner]]
+
file is embedded into the file, thus carrying all relevant information
: http://www.computercop.com/examiner.html
+
about the person who acquired the image within the file.
 
+
One further feature thet gfzip allows is the embedding of (signed)
; [[CPR Tools]]
+
enviroment data and commandline attributes that may be useful as
: http://www.cprtools.net
+
metadata in the further processing of the image files. This metadata may
: Data Recovery, Data Security and Development Tools
+
include for example information about the source of the data and the
 
+
time it was aquired.
; [[Forensic and Security Services, Inc.]] - [[Rainbow Tables]]
+
Future versions of gfzip will also include bad-block information, this
: http://www.For-Sec.com
+
is a feature defined in the file format, but not implemented in the
; Hub/MO/VO VAR for
+
first release of gfzip. Details on gfzip can be found at http://www.nongnu.org/gfzip/
 
+
: AccessData
+
: Paraben
+
: WetStone
+
: DiskJockey forensic
+
: Objectif Securite - Rainbow Tables for - LM and NT hashes and MS Office documents
+
 
+
; [[Guidance Software]] - [[EnCase]]
+
: http://www.guidancesoftware.com/products/index.asp
+
 
+
; [[MaresWare Software]]
+
: http://www.maresware.com/maresware/software.htm
+
 
+
; [[NTI - Forensics International]] Division of Armor Forensics
+
: http://www.forensics-intl.com/tools.html
+
 
+
; [[Nuix Pty Ltd]] - [[FBI]]
+
: http://www.nuix.com.au
+
 
+
; [[Paraben Forensics]]
+
: http://www.paraben-forensics.com/
+
 
+
; [[PyFlag]]
+
: http://pyflag.sourceforge.net/
+
 
+
; [[Steganography Analysis and Research Center / Backbone Security]]
+
: General Product Information http://www.sarc-wv.com/products.aspx
+
: Backbone Security http://www.backbonesecurity.com
+
: Steganography Application Fingerprint Database (SAFDB) http://www.sarc-wv.com/safdb.aspx
+
: Steganography Analyzer Artifact Scanner (StegAlyzerAS) http://www.sarc-wv.com/stegalyzeras.aspx
+
: Steganography Analyzer Signature Scanner (StegAlyzerSS) http://www.sarc-wv.com/stegalyzerss.aspx
+
: Steganography Analyzer Real-Time Scanner (StegAlyzerRTS) http://www.sarc-wv.com/stegalyzerrts.aspx
+
 
+
; [[Tech Assist, Inc.]]
+
: http://www.toolsthatwork.com/
+
 
+
; [[Technology Pathways]] - [[Pro Discover]]
+
: http://www.techpathways.com/
+
 
+
; [[WetStone Technologies]]
+
:http://www.wetstonetech.com/page/page/3004314.htm
+
 
+
; [[X-Ways Software]]
+
: http://www.x-ways.net/
+
 
+
= Hardware Vendors =
+
; [[BlackBag Technologies]]
+
: http://www.blackbagtech.com/hardware.html
+
: [[Write Blockers]]
+
 
+
; [[CPR Tools]]
+
: [[Media Research and Data Recovery]]
+
: http://www.cprtools.net
+
: [[Adapters]], [[Imaging Hardware]], [[Field Kits]], [[Data Recovery tools]]
+
 
+
; [[Digital Intelligence]]
+
: http://www.digitalintelligence.com/forensichardware.php
+
: [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[Forensic and Security Services, Inc.]] - [[Field kits, write blockers]]
+
: http://www.For-Sec.com
+
; Hub/MO/VO VAR for
+
 
+
: AccessData
+
: Paraben
+
: Wetstone
+
: DiskJockey forensic
+
 
+
; [[Forensic-Computers]]
+
: http://www.forensic-computers.com/
+
: Various systems, [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[ForensicPC]]
+
: http://www.forensicpc.com/
+
: Various [[Write Blockers]], [[forensic field kit]]s, forensics software, etc.
+
 
+
; [[MyKey Tech]]
+
: http://www.mykeytech.com/
+
: [[Write Blockers]]
+
 
+
; [[Paraben Forensics]]
+
: http://www.paraben-forensics.com/catalog/index.php?cPath=26
+
: [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
; [[Technology Pathways]]
+
: http://www.techpathways.com/
+
: [[Write Blockers]]
+
 
+
; [[Wiebetech]]
+
: http://wiebetech.com/
+
: Various [[Write Blockers]], [[forensic field kit]]s, etc.
+
 
+
= Training =
+
 
+
== Open for everyone ==
+
* [http://www.accessdata.com/training/ AccessData Training]
+
* [http://www.forensics-intl.com/training.html Armor Forensics (NTI - Forensics International)]
+
* [http://www.asrdata.com/training/ ASR Data Training]
+
* [http://www.blackbagtech.com/training.html BlackBag Tech Training]
+
* [http://www.cce-bootcamp.com/ Certified Computer Examiner BootCamp]
+
* [http://www.cprtools.net/training.php CPR Tools Training (Basic and Advanced Data Recovery)]
+
* [http://www.cftco.com/ Computer Forensics Training Center On-Line]
+
* [http://www.e-fense.com/training.html e-fense Inc]
+
* [http://www.nuix.com.au/screencasts.html FBI Screencast Training]
+
* [http://www.for-sec.com/p38.htm For-Sec Vendor classes, Cellphone/PDA seizure, and CFR 26 rules classes]
+
* [http://www.guidancesoftware.com/training/index.asp Guidance Software (EnCase) Training]
+
* [http://www.infosecinstitute.com/courses/security_training_courses.html InfoSec Institute]
+
* [http://www.crazytrain.com/training.html Linux Data Forensics Training]
+
* [http://www.maresware.com/maresware/training/maresware.htm Maresware Training]
+
*[http://www.Mobile-Forensics.com Mobile-Forensics.com (Research Forum for Mobile Device Forensics)]
+
* [http://www.mobileforensicstraining.com Mobile Forensics Training (Mobile Forensics Inc. Training)]
+
* [http://www.paraben-training.com/ Paraben Forensics Training]
+
* [http://www.sarc-wv.com/training.aspx Steganography Analysis and Research Center / Backbone Security]
+
* [http://www.techpathways.com/DesktopDefault.aspx?tabindex=5&tabid=9 Technology Pathways Pro Discover Training]
+
* [http://www.vigilar.com/training.html Vigilar]
+
* [http://www.wetstonetech.com/page/page/3004314.htm Wetstone Technologies]
+
 
+
== Law enforcement only ==
+
 
+
* [http://www.fletc.gov/cfi/fy06tibsched.htm Federal Law Enforcement Training Center]
+
* [http://www.cops.org/ IACIS Computer Training/Certification]
+
* [http://nw3c.org/ocr/courses_desc.cfm National White Collar Crime Center]
+
* [http://www.search.org/programs/hightech/courses.asp Search.Org]
+

Revision as of 11:30, 6 May 2006

40px-Ambox warning pn.png

This article, and others, needs to be wikified.
Please remove this template after wikifying.

Generic Forensic Zip is a set of tools and libraries for creating and accessing randomly accessible forensic zip files of disk images. These files that use an open format (gfzip) defined by this project, allow a dd disk image to be stored in compressed form and yet be randomly accessable through the libgfz library. A second library, libgfzcreate is made available by this project to allow the creation of gfz files from programs used to acquire disk image data. Finally the project includes a set of basic commandline tools for the creation and verification of gfzip files and for restoring dd images from the gfz files. Next to compression, the gfzip files are made 'safe' for forensic use by the use of x509 certificates and the use of multi level digests (sha256). The x509 certificate that is used to sign the gfz file is embedded into the file, thus carrying all relevant information about the person who acquired the image within the file. One further feature thet gfzip allows is the embedding of (signed) enviroment data and commandline attributes that may be useful as metadata in the further processing of the image files. This metadata may include for example information about the source of the data and the time it was aquired. Future versions of gfzip will also include bad-block information, this is a feature defined in the file format, but not implemented in the first release of gfzip. Details on gfzip can be found at http://www.nongnu.org/gfzip/