Difference between pages "File Analysis" and "Adroit Photo Forensics"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
(Tools)
 
 
Line 1: Line 1:
{{Expand}}
+
{{Infobox_Software |
 +
  name = Adroit Photo Forensics (APF) |
 +
  maintainer = [[Digital Assembly]] |
 +
  os = {{Windows}} |
 +
  genre = {{Analysis}} |
 +
  license = {{Commercial}} |
 +
  website = [http://www.digital-assembly.com/products digital-assembly.com] |
 +
}}
  
'''File analysis''' is an important part of [[computer forensics]].
+
'''Adroit Photo Forensics''' ('''APF''') is a commercial forensic software package distributed by [[Digital Assembly]].
 +
It specializes in the recovery and analysis of digital photographs.
  
== Introduction ==
+
=Features=
  
...
+
Adroit Photo Forensics can parse a number of filesystems, including [[FAT]] 12/16/32, [[NTFS]], [[HFS]], and [[HFS]]. It can
 +
read from [[EnCase]] as well as raw/[[dd]] images.  
  
== Malware Forensics ==
+
It is best known for implementing the [[File_Carving:SmartCarving|SmartCarving]] and [[File_Carving:SmartCarving|GuidedCarving]]
 +
algorithms to recover fragmented photos.
  
...
+
== Exif ==
  
== Tools ==
+
Adroit Photo Forensics also parses exif data and can be used to view and group files based on exif date stamps instead of
 +
file system date stamps. APF also includes a full zoomable time-line viewer based on exif and file system date stamps.
  
; [[Prevx1]]
+
== Other Features ==
: http://fileinfo.prevx.com/
+
: Very helpful site that identifies/tracks/analyzes 100,000 new executable programs per day around the globe. The have a heuristic engine capable of sorting the good from the bad/harmful ([[malware]]).
+
  
[[Hachoir]] — Python framework for binary file manipulation
+
Adroit Photo Forensics interface is optimized for the display of photos. APF also include grouping and sorting options that are
 +
photo relevant.
  
 
== External Links ==
 
== External Links ==
  
* ...
+
[http://digital-assembly.com/products/adroit-photo-forensics/ Adroit Photo Forensics Product Information]

Revision as of 13:59, 26 October 2009

Adroit Photo Forensics (APF)
Maintainer: Digital Assembly
OS: Windows
Genre: Analysis
License: Commercial
Website: digital-assembly.com

Adroit Photo Forensics (APF) is a commercial forensic software package distributed by Digital Assembly. It specializes in the recovery and analysis of digital photographs.

Contents

Features

Adroit Photo Forensics can parse a number of filesystems, including FAT 12/16/32, NTFS, HFS, and HFS. It can read from EnCase as well as raw/dd images.

It is best known for implementing the SmartCarving and GuidedCarving algorithms to recover fragmented photos.

Exif

Adroit Photo Forensics also parses exif data and can be used to view and group files based on exif date stamps instead of file system date stamps. APF also includes a full zoomable time-line viewer based on exif and file system date stamps.

Other Features

Adroit Photo Forensics interface is optimized for the display of photos. APF also include grouping and sorting options that are photo relevant.

External Links

Adroit Photo Forensics Product Information