{"id":175,"date":"2016-04-13T16:20:23","date_gmt":"2016-04-13T16:20:23","guid":{"rendered":"http:\/\/eventlogxp.com\/blog\/?p=175"},"modified":"2016-04-13T16:31:13","modified_gmt":"2016-04-13T16:31:13","slug":"9-vendors-of-digital-forensics-you-may-have-missed-part-2","status":"publish","type":"post","link":"https:\/\/eventlogxp.com\/blog\/9-vendors-of-digital-forensics-you-may-have-missed-part-2\/","title":{"rendered":"9 Vendors of Digital Forensics You May Have Missed. Part 2"},"content":{"rendered":"

In the previous post<\/a> we talked about 010 Editor, Event Log Explorer, ElcomSoft and Oxygen forensic solutions.\u00a0In this blog post, we continue the brief review of prominent forensic tools.<\/p>\n

Next on our list is Belkasoft.<\/p>\n

Belkasoft Evidence Center 2016<\/h2>\n

Belkasoft Evidence Center<\/a> is an all-around forensic solution to pinpoint, extract and review digital evidence stored on desktop computers, laptops and mobile devices.<\/p>\n

\"Belkasoft<\/a>The Belkasoft product supports a wide range of devices. It can parse physical and logical drives, virtual machines, mobile device backups, JTAG, UFED images and chip-off dumps. Belkasoft Evidence Center performs an automated search for evidence and seamlessly identifies 700+ types of digital artifacts. Once the search is over, you can apply various filters for more granular results.<\/p>\n

Belkasoft restores damaged or incomplete SQLite databases, and retrieves removed records and cleared history. It can glean crucial information from online chats and social networks, private browsing sessions, cleared browser history, cloud usage history, and more.<\/p>\n

SQLite, Registry, and PList viewers enable the user to target specific data types and, ultimately, get more evidence than an automatic search would unveil. Other in-built analysis tools include File System Explorer, Hex Viewer and Type Converter for multi-aspect low-level examination of the content.<\/p>\n

Belkasoft Evidence Center is deeply integrated with EnCase Version 7. This enables forensic investigators to obtain a multitude of evidence types supported by Evidence Center through the familiar EnCase interface. The integration is made possible with the free \u201cBelkasoftDataImport\u201d plugin.<\/p>\n

Rusolut\u2019s Visual Nand Reconstructor<\/h2>\n

Rusolut is a manufacturer of Visual Nand Reconstructor<\/a> (VNR), a comprehensive hardware and software data recovery and forensic analysis solution for damaged flash devices. The Reconstructor allows you to retrieve data from a multitude of Flash memory formats. The unique feature of Rusolut\u2019s product is the ability to automate data structure recognition and dramatically speed up the recovery process.<\/p>\n

\"Rusolut<\/a>The embedded base of NAND chips and controller configurations caters to most known chips. The database is subject to regular updates by the Rusolut team and their tech partners. A built-in file system viewer operates with the most commonly used file systems \u2013 FAT and NTFS.<\/p>\n

VNR makes reverse engineering easy with special modes of data visualization and multi-tier descriptions of image structure. The special scrambler extraction mode enables successful data decryption even with new devices.<\/p>\n

Despite its complex functionality, VNR offers a user-friendly interface with unified controls to help restore and analyze data in a more efficient manner. These include automatic analysis features that facilitate image reconstruction and data recovery. Check out the elaborate documentation<\/a> to see if your investigation finds the right solution with Rusolut.<\/p>\n

Passware Kit Forensic<\/h2>\n

Passware<\/a> focuses on password recovery and caters to numerous use cases. Its Kit Forensic is a comprehensive evidence discovery solution that detects and decrypts all password-protected items on a computer.<\/p>\n

\"Passware<\/a>Passware helps to recover or reset passwords for 200+ document types, including Windows, Word, Excel, QuickBooks, Access, Acrobat, etc. Kit Forensic scans for encrypted evidence, and performs live memory analysis and batch processing.The software works smoothly with BitLocker, TrueCrypt, FileVault2 and PGP; it supports GPU, TACC, Distributed Computing, and Rainbow Tables. Kit Forensics integrates easily with Guidance EnCase v7 in case the user needs to match collected data across two systems.<\/p>\n

Check out the references<\/a> and learn how Passware tools have resolved real situations; for instance, their operations on cracking otherwise undecipherable passwords in child pornography cases. In those projects, Passware helped investigators from the Swedish and US police forces with equally successful results.<\/p>\n

Passcovery<\/h2>\n

Passcovery Co. Ltd.<\/a> offers forensics, corporate and home users performance-driven password recovery.<\/p>\n

Their flagship Passcovery \"passcovery\"<\/a>Suite successfully operates with Microsoft Office, OpenOffice, PDF, ZIP\/RAR, iOS\/Blackberry back-ups, TrueCrypt volumes and WPA\/WPA2 handshakes. The Suite uses an embedded macro language for sophisticated password generation assignments.\u00a0The key focus of Passcovery is fast retrieval of data. The software boasts great recovery speeds, as well as optimization for AMD\/ATI and NVIDIA video cards. Passcovery detects your CPU type and operates accordingly to deliver optimal performance. Whenever possible, it employs GPU password recovery with AMD and NVIDIA video cards.<\/p>\n

Plus, Passcovery can leverage multiple video cards at the same time.<\/p>\n

PasswordLastic<\/h2>\n

PasswordLastic<\/a> is another password retrieval solution focused on Microsoft Windows and Office products.<\/p>\n

The tool offers\"Office<\/a> an online password cracking service that helps to crack Word and Excel documents in no time. Office Password Recovery Lastic supports MS Word, Excel, PowerPoint, Outlook and Access files, as well as embedded VBA projects.<\/p>\n

Windows Password Recovery Lastic helps to restore access to the operating system. Run the software on an available computer and create a bootable USB stick or CD\/DVD. Boot from it on the required computer and reset the password for any of the previous accounts. Plus, the program saves password hashes for in-depth cracking and recovery of previously removed passwords.<\/p>\n

Other standalone versions cater to Outlook, Excel, Word and VBA projects. Easy-to-use and effective tool for average users and forensic experts alike.<\/p>\n

Bottom line<\/h2>\n

If you are interested in professional forensic tools, make sure you research the market. Digital forensics is entering a golden era in terms of technology, and the offering is abundant, so define your goals and budget first, then determine which one addresses your particular investigative needs.<\/p>\n\"Facebook\"<\/a>\"twitter\"<\/a>\"reddit\"<\/a>\"pinterest\"<\/a>\"linkedin\"<\/a>\"mail\"<\/a>","protected":false},"excerpt":{"rendered":"

In the previous post we talked about 010 Editor, Event Log Explorer, ElcomSoft and Oxygen forensic solutions.\u00a0In this blog post, we continue the brief review of prominent forensic tools. Next on our list is Belkasoft. Belkasoft Evidence Center 2016 Belkasoft Evidence Center is an all-around forensic solution to pinpoint, extract and review digital evidence stored on desktop computers, laptops and mobile devices. The Belkasoft product\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":4,"featured_media":182,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[40],"tags":[51],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/posts\/175"}],"collection":[{"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/comments?post=175"}],"version-history":[{"count":4,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/posts\/175\/revisions"}],"predecessor-version":[{"id":185,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/posts\/175\/revisions\/185"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/media\/182"}],"wp:attachment":[{"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/media?parent=175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/categories?post=175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eventlogxp.com\/blog\/wp-json\/wp\/v2\/tags?post=175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}