OSForensics – Beta

OSForensics - Screenshot
OSForensics is a new digital investigation tool which lets you extract forensic data or uncover hidden information from computers.

OSForensics has a number of unique features which make the discovery of relevant forensic data even faster, such as high-performance deep file searching and indexing, e-mail and e-mail archive searching and the ability to analyze recent system activity and active memory. OSForensics can build and let you view an events timeline which shows you the context and time of activities. You can even recover data and files that have been deleted by users! OSForensics comes with a built-in file viewer which lets you examine a file contents, properties and meta-data, as well as an e-mail viewer which is compatible with most popular mail client formats.
"If you ever need to analyze a computer in depth, OSForensics may be the tool you’re looking for."
Features:
  • Find files quickly:
    OSForensics allows you to search for files many times faster than the search functionality in Windows.
  • Search within Files:
    If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents.
  • Search for Emails:
    An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
  • Recover Deleted Files:
    After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.
Uncover Recent Activity:
Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
  • Opened Documents..
  • Web Browsing History.
  • Connected USB Devices.
  • Connected Network Shares.
Collect System Information:
Find out what's inside the computer. Detailed information about the hardware a system is running on:
  • CPU type and number of CPUs.
  • Amount and type of RAM.
  • Installed Hard Drives.
  • Connected USB devices.
View Active Memory:
  • Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
  • Select from a list of active processes on the system to inspect.
  • OSF can also dump their memory to a file on disk for later inspection.
Extract Logins and Passwords:
  • Recover usernames and passwords from recently accessed
    websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.
 
OSForensics 64-Bit Edition:
The 64-Bit Edition of OSForensics can be obtained HERE
 

OS requirements:
Win 2000/Win 2003/
Win Server 2008
Win XP/Vista/Win 7
32-Bit Edition
OSForensics - 32-Bit Edition

0 comments: