ProDiscovery

From Forensics Wiki
Revision as of 11:01, 6 March 2006 by Pw (Talk | contribs)

Jump to: navigation, search

Contents

ProDiscovery

This tool from Tech Pathways will gather data from most major file systems and perform some analysis.

website



Features

File Systems Understood

  • FAT12, FAT16, FAT32
  • NTFS
  • Solaris UFS
  • Linux ext2/ext3

File Search Facilities

  • Uses a set of Perl scrypts.

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

Can it search? Does it build an index? Can it focus on file types or particular kinds of metadata?

Hash Databases

Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?

Evidence Collection Features

  • Generates an XML-based report about the analysis.


History

License Notes

Commercial.

External Links

website


External Reviews