Difference between pages "FTK Imager" and "File Analysis"

Revision as of 14:54, 18 April 2006

File analysis is an important part of computer forensics.

...

...

Prevx1: http://fileinfo.prevx.com/; Very helpful site that identifies/tracks/analyzes 100,000 new executable programs per day around the globe. The have a heuristic engine capable of sorting the good from the bad/harmful (malware).

@@ Line 1: / Line 1: @@
-FTK Imager is a data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with AccessData® Forensic Toolkit® (FTK™) is warranted. FTK Imager can also create perfect copies (forensic images) of computer data without making changes to the original evidence.
+'''File analysis''' is an important part of [[computer forensics]].
-With FTK Imager, you can:
+== Introduction ==
-·   Preview files and folders on local hard drives, floppy diskettes, Zip disks, CDs, and DVDs.
+...
-·   Create forensic images of local hard drives, floppy diskettes, Zip disks, CDs, and DVDs.
+== Malware Forensics ==
-·   Preview the contents of forensic images stored on the local machine or on a network drive.
+...
-·   Export files and folders.
+== Tools ==
-·   Generate hash reports for regular files and disk images (including files inside disk images).
+; [[Prevx1]]
+: http://fileinfo.prevx.com/
+: Very helpful site that identifies/tracks/analyzes 100,000 new executable programs per day around the globe. The have a heuristic engine capable of sorting the good from the bad/harmful ([[malware]]).
+== External Links ==
-IMPORTANT: When using FTK Imager to create a forensic image of a suspect's hard drive, make sure you are using a hardware-based write blocking device. This ensures that your operating system does not alter the suspect's hard drive when you attach the drive to your computer.
+* ...