From ForensicsWiki
Revision as of 17:34, 21 March 2006 by Pw (Talk | contribs)

Jump to: navigation, search




SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with the intention of integrating technical, legal and end-user requirements into a complete package that enables the user to perform their job most effectively and efficiently.

SMART is more than a stand-alone data forensic program. The features of SMART allow it to be used in many scenarios, including:

   *  "Knock-and-talk" inquiries and investigations
   *  on-site or remote preview of a target system
   *  post mortem analysis of a dead system
   *  testing and verification of other forensic programs
   *  conversion of proprietary "evidence file" formats
   *  baselining of a system

Who Uses SMART? SMART is currently utilized by:

   *  Federal, State and local Law Enforcement
   *  U.S. Military and Intelligence Organizations
   *  Accounting Firms
   *  Data forensic examiners
   *  Data recovery specialists
   *  Disaster recovery professionals
   *  Information security professionals
   *  Health care privacy professionals
   *  Internal auditors
   *  System Administrators

File Systems Understood


File Search Facilities

  • Lists allocated and unallocated files.
  • Sorts files by type.
  • Searches for keywords and regex.
  • Registry Viewer

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • Can use basic keyword searching.

Hash Databases

  • SHA
  • MD5
  • CRC

Evidence Collection Features

"Just about everything you do is logged in SMART. You can selectively export these log events into a simple HTML report."


License Notes

Is it commercial or open source? Are there other licensing options?

External Links


External Reviews