BitFlare

From ForensicsWiki
Revision as of 12:59, 29 January 2010 by Dmkennedy (Talk | contribs)

Jump to: navigation, search

BitFlare is a Software-as-a-Service offering from SunBlock Systems that allows non-experts to perform computer forensics, electronic evidence discovery, and data preservation. The software loads its own operating system on to a suspect computer, essentially utilizing the suspect machine itself a forensic platform.

Capabilities

BitFlare allows users to view and filter visible and deleted file entries of various common metadata such as timestamps, file names, file paths, and file sizes. In addition, a user can filter files by supersets of broad file categories such as Microsoft Office, MRU file links, and Image and Video files.

Keyword searches can be run across visible and deleted files as well as across slack, unallocated, and unpartitioned space across the hard drive. Keyword searching supports full PCRE regular expressions and case sensitivity.

Relevant files and keyword fragment extraction is facilitated through Evidence Discovery Packs. Files are saved in their native format.

BitFlare supports hard drive preservation. Users can save encrypted forensic copies of the hard drive to externally connected devices. Encrypted images can be sent to SunBlock Systems for decryption, third party validation, and analysis.


External Links