Jump to content

PassMark OSForensics Professional 5.1 Build 1003


odin10
 Share

Recommended Posts

image.png

 

DESCRIPTION :

 

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data. It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.

 

Features:

 

Discover Forensic Evidence Faster

Find files faster, search by filename, size and time

Search within file contents using the Zoom search engine

Search through email archives from Outlook, ThunderBird, Mozilla and more

Recover and search deleted files

Uncover recent activity of website visits, downloads and logins

Collect detailed system information

Password recovery from web browsers, decryption of office documents

Discover and reveal hidden areas in your hard disk

Browse Volume Shadow copies to see past versions of files

 

Identify Suspicious Files and Activity

Verify and match files with MD5, SHA-1 and SHA-256 hashes

Find misnamed files where the contents don't match their extension

Create and compare drive signatures to identify differences

Timeline viewer provides a visual representation of system activity over time

File viewer that can display streams, hex, text, images and meta data

Email viewer that can display messages directly from the archive

Registry viewer to allow easy access to Windows registry hive files

File system browser for explorer-like navigation of supported file systems on physical drives, volumes and images

Raw disk viewer to navigate and search through the raw disk bytes on physical drives, volumes and images

Web browser to browse and capture online content for offline evidence management

ThumbCache viewer to browse the Windows thumbnail cache database for evidence of images/files that may have once been in the system

SQLite database browser to view the and analyze the contents of SQLite database files

ESEDB viewer to view and analyze the contents of ESE DB (.edb) database files, a common storage format used by various Microsoft applications

Prefetch viewer to identify the time and frequency of applications that been running on the system, and thus recorded by the O/S's Prefetcher

Plist viewer to view the contents of Plist files commonly used by MacOS, OSX, and iOS to store settings

$UsnJrnl viewer to view the entries stored in the USN Journal which is used by NTFS to track changes to the volume

 

Manage Your Digital Investigation

Case management enables you to aggregate and organize results and case items

HTML case reports provide a summary of all results and items you have associated with a case

Centralized management of storage devices for convenient access across all OSForensics' functionality

Drive imaging for creating/restoring an exact copy of a storage device

Rebuild RAID arrays from individual disk images

Install OSForensics on a USB flash drive for more portability

Maintain a secure log of the exact activities carried out during the course of the investigation

 

SCREENSHOT :

 

screenshot_20170808_123947.jpg

 

 

INSTALLATION :

 

- Install

- Use the given serial key to activate

- Enjoy :)

 

INFO :

 

Title : PassMark OSForensics Professional 5.1 Build 1003

Language : English

File Size : 79 mb

 

DOWNLOAD

 

Rapidgator

Turbobit

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...