OSForensics V9
OSForensics V9 lets you extract forensic evidence from computers quickly with high-performance file searches and indexing. Identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory, and binary data. Manage your digital investigation and create reports from collected forensic data. Phone, E-mail, Forum support, plus free upgrades, for 12 months after purchase are included.
OSForensics Version 9 new features and improvements to include: Map Viewer, Auto Triage, Boot VM, Clipboard Viewer and Signatures Module, Create/Search Index, Disk Preparation, Decrypt File, Deleted File Recovery, Device Manager. Email Viewer, Event Log Viewer, File Name Search, Hash Sets and Create Hash, Internal Viewer, Mismatch Search, Password Recovery, Program Artifacts, Raw Disk Viewer, System Information, Thumbnail Viewer, Tag/Untag, User Activity, Start Menu, Workflow, Python API, Remote Server, Security
Configuration:
Image represented in photograph is a stock image; customizations will render each system unique.
PRODUCT DESCRIPTION
OSForensics (v11) lets you extract forensic evidence from computers quickly with high-performance file searches and indexing. Identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data. Manage your digital investigation and create reports from collected forensic data.
OSForensics Version 11 new features and improvements to include:
Android Artifacts
- Updated to allow double-clicking tagged items from Manage Case dialog to open module, select the item on the tree-view and display on the tab view
- Updated list-view:
- Added Tag Flag column
- Added Read column to the MMS/SMS Messages
- Added Read/Unread status to the preview
- Removed Read column from Conversations
- Updated right-click menu options
Deleted Files
Added additional sanity checks to JPG carving to prevent buffer out of bounds access
Disk Imaging
Display total time taken and average speed after imaging
File Viewer
Fixed issue opening docx files with non-ASCII filenames
Hash Sets
- Fixed issue where some Project VIC sets could not be imported
- Changed import button to resize after changing selection
Prefetch Viewer
Fixed possible crash when prefetch artifact paths are too long
User Activity
- Added evidence location column to the Windows Search category list-view
- Fixed possible crash when running Event Log option with Linux image
$UsnJrnl Viewer
Added line to indicate what the entries with the file name in read represent
Misc
- Added minimum size limits to SQLite Browser and Registry Selection windows
- Updated VolatilityWorkbench to V3.0.1007
Related products
Advanced Sage Password Recovery
$79.00
Advanced Office Password Breaker
$99.00
ODC Recon
$756.00
E3 Computer
$3,295.00
Online Purchases and Pricing are for the US only.