ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Paraben"

From ForensicsWiki
Jump to: navigation, search
Line 57: Line 57:
==External Reviews==
==External Reviews==

Revision as of 12:53, 3 April 2007

40px-Ambox warning pn.png

This article, and others, needs to be wikified.
Please remove this template after wikifying.

Paraben offers a wide variety of tools for analyzing disk drives and portable devices like cell phones and PDAs.


File Systems Understood

  • Major Windows formats
  • RAW format

Email Examiner

Their tool for searching email ("Email Examiner") can pull apart these files:

  • Outlook (PST)
  • Outlook Express (DBX)
  • AOL 6,7,8,9 (PFC)
  • MBox
  • Eudora
  • Mozilla Mail
  • Fox Mail
  • Juno
  • Calypso
  • MSN Mail
  • USENET newsgroups

File Search Facilities

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • With "Text Searcher". Offers complex queries and searching of slack space.
  • Comes with an index building wizard.

Hash Databases

Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?

Evidence Collection Features

  • Offers a feature called "Case Agent Companion v1.0" for tracking what the case agent does.


License Notes


External Links

External Reviews