The foremost challenge an investigator encounters at the very beginning of a forensics investigation is accessing a file or data to read or view its contents. Owing to this, a platform is necessary for both opening and examining any file. However, deploying a separate platform for each file to be examined is a tedious procedure to follow every time. Thus, the industry offers an extensive range of freeware utilities to bridge the gap. It is not practical to possess a supporting application for every different file type an investigator comes across. However, keeping a common application handy for similar file types is feasible. Here is a compilation of the top 10 free utilities that might come in handy for a forensic investigator's requirements at an elementary level.

Specially dedicated to mobile forensics investigation, Oxygen Forensics has gradually upgraded its features for investigative usefulness. Cases involving the collection of evidence from mobile phones can be dealt with using this utility in its Standard Edition (which can be obtained on request from the vendor's site). The tool features options to collect information from the device (OS, manufacturer, S.no, IMEI, etc.), messages (SMS, emails, multimedia messages, etc.) and contact numbers, along with recovery of erased call records, messages and information from tasks and the calendar. Inbuilt hex, text, and multimedia file viewers. Extraction of technical details regarding a device. Device rooting, which helps in most cases when carving crucial artifacts, as they are available to acquire and access only on a rooted / jailbroken device. Peculiarity: Oxygen Forensic Suite is possibly one of the leading digital forensic platforms, but it also offers high-end facilities in its Standard Edition, and that sets this utility apart from all the others.

Investigating an acquired Exchange Server database (EDB) file without the actual server deployment becomes quite troublesome. The investigator's immediate remedy is EDB Viewer, which serves the need to preview an Exchange Server database in a hostile Windows environment. The standalone tool offers a preview of the complete Exchange database mailbox items, whether in a corrupt or healthy state. Both Private and Public folder support is provided, with no size limitation imposed on the database. Deep Email Data Carving is an additional feature that the software offers through its advanced scan mode. Peculiarity: The application is suitable for accessing an Exchange Server database of any given size (as per tests with a 1.8 TB EDB) even in a non-server environment, with a preview provided for all components of each mailbox listed. It ensures that compromised or deliberately purged email data is retrieved and previewed precisely, without the trouble of deploying a server environment to examine the acquired data.

This forensic utility scans an entire disk image, file directory, or set of files and extracts information such as domains, credit card details, email IDs, ZIP file contents or URLs. The extracted details are output into a series of text-based files that can be further reviewed or analyzed with other forensic scripts or tools. Bulk Extractor comes in handy because it does not parse the file system or its structures, which greatly speeds up scanning and preview and saves crucial investigative time. Peculiarity: Bulk Extractor is known for its agility and precision, as it skips the time other tools take to scan and modulate file system structures. It can also be used to scan and process any digital media such as SSDs, memory cards, TCP/IP network packet dumps, hardware and other media, which makes it among the most preferred tools in the digital forensics industry. Designed and deployed with resilient algorithms, the tool automatically detects, decompresses, and recursively re-processes compressed data, which also reveals crucial data residing in unallocated space.

With the rise of MS Outlook usage, investigators are often greeted with Outlook data (PST) files while extracting evidence.