论坛风格切换
 
  • 帖子
  • 日志
  • 用户
  • 版块
  • 群组
帖子
购买邀请后未收到邀请联系sdbeta@qq.com
  • 4496阅读
  • 8回复

[行业软件]PassMark OSForensics Professional 7.0 Build 10016 [复制链接]

上一主题 下一主题
离线030711
 

发帖
1502
今日发帖
最后登录
2023-11-07
只看楼主 倒序阅读 使用道具 楼主  发表于: 2019-08-13 21:36:08

PassMark OSForensics Professional 7.0 Build 10016 | 128.6 Mb

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data. It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.

Discover Forensic Evidence Faster:
Find files faster, search by filename, size and time
Index and Search within the file contents of Office, Acrobat documents, image files and more
Search through email archives from Outlook, ThunderBird, Mozilla and more
Recover and search deleted files
Uncover recent activity of website visits, downloads and logins
Collect detailed system information
Password recovery from web browsers, decryption of office documents
Discover and reveal hidden areas in your hard disk
Browse Volume Shadow copies to see past versions of files

Identify Suspicious Files and Activity:
Verify and match files with MD5, SHA-1 and SHA-256 hashes
Find misnamed files where the contents don't match their extension
Create and compare drive signatures to identify differences
Timeline viewer provides a visual representation of system activity over time
File viewer that can display streams, hex, text, images and meta data
Email viewer that can display messages directly from the archive
Registry viewer to allow easy access to Windows registry hive files
File system browser for explorer-like navigation of supported file systems on physical drives, volumes and images
Raw disk viewer to navigate and search through the raw disk bytes on physical drives, volumes and images
Web browser to browse and capture online content for offline evidence management
ThumbCache viewer to browse the Windows thumbnail cache database for evidence of images/files that may have once been in the system
SQLite database browser to view the and analyze the contents of SQLite database files
ESEDB viewer to view and analyze the contents of ESE DB (.edb) database files, a common storage format used by various Microsoft applications
Prefetch viewer to identify the time and frequency of applications that been running on the system, and thus recorded by the O/S's Prefetcher
Plist viewer to view the contents of Plist files commonly used by MacOS, OSX, and iOS to store settings
$UsnJrnl viewer to view the entries stored in the USN Journal which is used by NTFS to track changes to the volume

Manage Your Digital Investigation:
Case management enables you to aggregate and organize results and case items
HTML case reports provide a summary of all results and items you have associated with a case
Centralized management of storage devices for convenient access across all OSForensics' functionality
Drive imaging for creating/restoring an exact copy of a storage device
Rebuild RAID arrays from individual disk images
Install OSForensics on a USB flash drive for more portability
Maintain a secure log of the exact activities carried out during the course of the investigation

Professional and Bootable Editions:
The professional and bootable editions of OSForensics have many features not available in the free edition, including;
Import and export of hash sets
Customizable system information gathering
No limits on the amount of cases being managed through OSForensics
Restoration of multiple deleted files in one operation
List and search for alternate file streams
Sort image files by colour
Disk indexing and searching not restricted to a fixed number of files
No watermark on web captures
Multi-core acceleration for file decryption
Customizable System Information Gathering
View NTFS directory $I30 entries to identify potential hidden/deleted files

New in V7:
Ability to boot an image as a Virtual Machine from OSForensics.
Addition of System Resource Usage Monitor (SRUM) database scanning for User Activity collection
OCR (Optical character recognition) allows you to search for text within PDF files
New built in hash sets for: Keyloggers, VPN Software, Peer to Peer (P2P) software, Cryptocurrency
Support for importing Project VIC hash sets.

System Requirements:
Windows Vista, Win 7, Win 8, Win 10, Server 2000, 2003, 2008, 2012
Minimum 1GB of RAM. (4GB+ recommended)
200MB of free disk space, or can be run from USB drive

Home Page - https://www.osforensics.com/


本部分内容设定了隐藏,需要回复后才能看到


软件下载咨询邮箱: sdbeta@qq.com (回复及时)
 
离线peterlou

发帖
279
今日发帖
最后登录
2024-12-21
只看该作者 沙发  发表于: 2020-04-07 12:10:26
这个可以以后用于密码忘记解决
离线bladereturn

发帖
33
今日发帖
最后登录
2024-12-13
只看该作者 板凳  发表于: 2020-10-20 18:16:23
感谢分享,正需要这个软件
离线老鼠下蛋

发帖
66
今日发帖
最后登录
2024-12-21
只看该作者 地板  发表于: 2021-05-21 09:40:31
好东西 ,试试看
离线loupeter

发帖
152
今日发帖
最后登录
2024-12-15
只看该作者 地下室  发表于: 2021-05-21 15:05:10
这个用来练习不错哦
离线aaazzz999

发帖
2
今日发帖
最后登录
2023-06-04
只看该作者 5 发表于: 2023-06-04 20:50:26
回复下载下载
软件下载咨询邮箱: sdbeta@qq.com (回复及时)
 
离线lvjian2002

发帖
558
今日发帖
最后登录
2024-03-27
只看该作者 6 发表于: 2023-06-05 08:33:33
好东西呀  我要下载过来看看先
离线castory809

发帖
3440
今日发帖
最后登录
2024-12-23
只看该作者 7 发表于: 2023-06-05 15:21:42
感谢分享  
离线dgd2019

发帖
8383
今日发帖
最后登录
2024-12-21
只看该作者 8 发表于: 2023-06-06 16:11:04