Difference between revisions of "Forensic Toolkit"

From ForensicsWiki
Jump to: navigation, search
 
(Various fixes.)
Line 1: Line 1:
=Forensics Toolkit=
+
The '''Forensic Toolkit''' is a commercial forensic software package distributed by [[AccessData]].
 
+
This Fort Worth based company makes forensics software and packages it with portable hardware for investigators in the field with desktop workstations for offices.
+
 
+
[http://www.accessdata.com/ Website]
+
 
+
  
 
=Features=
 
=Features=
Line 11: Line 6:
  
 
* Outlook (PST)
 
* Outlook (PST)
* AOL  
+
* AOL
* Web based email like Yahoo and Hotmail.
+
* Web based email like Yahoo and Hotmail
 
* Eudora  
 
* Eudora  
 
* MSN Mail
 
* MSN Mail
* NTFS
+
* [[NTFS]]
* FAT
+
* [[FAT]]
* Ext2, Ext3
+
* [[Ext2]], [[Ext3]]
* Compressed files iwth WinZip, GZip, Tar and others
+
* Compressed files with [[WinZip]], [[GZip]], [[Tar]] and others
  
 
==File Search Facilities==
 
==File Search Facilities==
Line 25: Line 20:
 
* Sorts files by type.
 
* Sorts files by type.
 
* Searches for keywords and regular expressions.
 
* Searches for keywords and regular expressions.
 
 
  
 
==Historical Reconstruction==
 
==Historical Reconstruction==
Line 35: Line 28:
  
 
* Can use basic keyword searching.
 
* Can use basic keyword searching.
* Offers full-text indexing powered by dtSearch.
+
* Offers full-text indexing powered by [[dtSearch]].
* Search can be focused on "internet text"  
+
* Search can be focused on "Internet text".
  
 
==Hash Databases==
 
==Hash Databases==
  
* MD5
+
* [[MD5]].
* Searches with "Known File Filter" (Nist and Hashkeeper)
+
* Searches with "Known File Filter" ([[NIST]] and [[Hashkeeper]]).
 
+
  
 
==Evidence Collection Features==
 
==Evidence Collection Features==
Line 49: Line 41:
  
 
=History=
 
=History=
 
 
  
 
==License Notes==
 
==License Notes==
Line 56: Line 46:
 
Is it commercial or open source? Are there other licensing options?
 
Is it commercial or open source? Are there other licensing options?
  
= External Links =
+
=External Links=
 
   
 
   
[http://www.accessdata.com/ Website}
+
* [http://www.accessdata.com/ Official website]
  
 
==External Reviews==
 
==External Reviews==

Revision as of 17:10, 21 March 2006

The Forensic Toolkit is a commercial forensic software package distributed by AccessData.

Features

File Systems Understood

  • Outlook (PST)
  • AOL
  • Web based email like Yahoo and Hotmail
  • Eudora
  • MSN Mail
  • NTFS
  • FAT
  • Ext2, Ext3
  • Compressed files with WinZip, GZip, Tar and others

File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords and regular expressions.

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • Can use basic keyword searching.
  • Offers full-text indexing powered by dtSearch.
  • Search can be focused on "Internet text".

Hash Databases

Evidence Collection Features

Can it sign files? Does it keep an audit log?

History

License Notes

Is it commercial or open source? Are there other licensing options?

External Links

External Reviews