提取取證資料或從電腦中發現隱藏訊息 PassMark OSForensics Professional 1.2.1000
提取取證資料或從電腦中發現隱藏訊息 PassMark OSForensics Professional 1.2.1000
OSForensics是一個新的數字調查的工具,它可以提取取證資料或從電腦中發現隱藏的訊息。
OSForensics有許多獨特的功能,這使得發現關聯的取證資料的速度更快,如高效能深度搜尋檔案和索引,電子信件和電子信件存檔搜尋和分析能力,最新的系統及活性記憶體。
OSForensics可以建立,讓你檢視一個事件的時間表,這顯示你活動的內容和時間。
您甚至可以恢復已被刪除的使用者的資料和檔案。
OSForensics配備了一個內建的檔案瀏覽器,可以讓你檢查一個檔案的內容,屬性和元資料,電子信件以及瀏覽器,相容最流行的信件用戶端格式。
在檔案中搜尋
如果基本檔案搜尋功能是不夠的,OSForensics還可以建立索引的檔案在硬碟上。這使得快如閃電的搜尋文字檔案內所載。
技術Wrensoft廣受好評的縮放搜尋引擎背後的技術。
搜尋信件
能夠搜尋檔案內的另一個特點是能夠搜尋電子信件歸檔。
索引過程中可以開啟和閱讀最流行的電子信件格式的檔案(PST),並確定個人訊息。
這使得一個快速的系統上發現的任何電子信件的文字內容搜尋
恢復已刪除的檔案
已被刪除的檔案後,甚至一度從回收箱,它往往仍然存在,直到另一個新的檔案取代它的位置在硬碟機。
OSForensics可以追蹤到這個的ghost檔案資料,並試圖將其恢復到可用狀態的硬碟機上。
揭開近期活動
瞭解哪些使用者已高達。 OSForensics可以發現最近在系統上執行的使用者操作,內含但不限於:
開啟的文件
網頁瀏覽歷史
連線的USB裝置
連線網路共享
收集系統訊息
尋找出的電腦裡面有什麼。詳細訊息的硬體系統上運行:
的CPU的CPU的類型和數量
數量和類型的RAM
安裝硬碟機
連線的USB裝置
等等。
檢視活動的記憶體
看看什麼是目前的系統主記憶體。嘗試發現密碼和其他敏感訊息,否則將無法訪問。
從活動程式的清單中選取系統檢查。 OSF也可以其記憶體轉儲到磁碟上的檔案,以備後查。
提取的登入名和密碼
恢復從最近訪問過的網站的使用者名和密碼,在常見的網頁瀏覽器,內含IE瀏覽器,火狐,Chrome瀏覽器和Opera。
OSForensics is a new digital investigation tool which lets you extract forensic data or uncover hidden information from computers. OSForensics has a number of unique features which make the discovery of relevant forensic data even faster, such as high-performance deep file searching and indexing, e-mail and e-mail archive searching and the ability to analyze recent system activity and active memory. OSForensics can build and let you view an events timeline which shows you the context and time of activities. You can even recover data and files that have been deleted by users. OSForensics comes with a built-in file viewer which lets you examine a file contents, properties and meta-data, as well as an e-mail viewer which is compatible with most popular mail client formats.
Search within Files
If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents. Powered by the technology behind Wrensoft's acclaimed Zoom Search Engine.
Search for Emails
An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
This allows for a fast text content search of any emails found on a system
Recover Deleted Files
After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.
Uncover Recent Activity
Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
Opened Documents
Web Browsing History
Connected USB Devices
Connected Network Shares
Collect System Information
Find out what's inside the computer. Detailed information about the hardware a system is running on:
CPU type and number of CPUs
Amount and type of RAM
Installed Hard Drives
Connected USB devices
and much more.
View Active Memory
Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.
Extract Logins and Passwords
Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.
提取取證資料或從電腦中發現隱藏訊息 PassMark OSForensics Professional 1.2.1000 | Home Page: http://www.osforensics.com
提取取證資料或從電腦中發現隱藏訊息 PassMark OSForensics Professional 1.2.1000 / Size: 41.07 MB