Paraben

From Forensics Wiki
Revision as of 23:12, 26 February 2007 by Jessek (Talk | contribs)

Jump to: navigation, search

40px-Ambox warning pn.png

This article, and others, needs to be wikified.
Please remove this template after wikifying.

Paraben offers a wide variety of tools for analyzing disk drives and portable devices like cell phones and PDAs.

Contents

Features

File Systems Understood

  • Major Windows formats
  • RAW format

Email Examiner

Their tool for searching email ("Email Examiner") can pull apart these files:

  • Outlook (PST)
  • Outlook Express (DBX)
  • AOL 6,7,8,9 (PFC)
  • MBox
  • Eudora
  • Mozilla Mail
  • Fox Mail
  • Juno
  • Calypso
  • MSN Mail
  • USENET newsgroups

File Search Facilities

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • With "Text Searcher". Offers complex queries and searching of slack space.
  • Comes with an index building wizard.

Hash Databases

Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?

Evidence Collection Features

  • Offers a feature called "Case Agent Companion v1.0" for tracking what the case agent does.

History

License Notes

Commercial.

External Links

External Reviews