±Your Account
Membership:
New Today: 0
New Yesterday: 2
Overall: 24168
Visitors: 28±Latest Webinar
±Latest Articles
· Geo-tagging & Photo Tracking On iOS
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
· KS – an open source bash script for indexing data
· Mobile Device Geotags & Armed Forces
· Categorization of embedded system forensic collection methodologies
· Interpretation of NTFS Timestamps
· What are ‘gdocs’? Google Drive Data – part 2
· What are ‘gdocs’? Google Drive Data
· Bad Sector Recovery
· Forensic Artifact: Malware Analysis in Windows 8
· Windows 8: Important Considerations for Computer Forensics and Electronic Discovery
±Follow Us
±Latest Jobs
Back to top
Skip to content
Skip to menu
Back to top
Back to main
Skip to menu
Go to page 1, 2, 3 ... 9, 10, 11 Next
What Forensic Software do you recommend if buying personally
What Forensic Software do you recommend if buying personally
Posted: Tue Dec 15, 2009 5:38 pm
I recently just passed my GCFA and was curious as to what software is good for analyzing data/memory, indexing files in allocated and unallocated space?
I realize everyone is going to say FTK or Encase but keep in mind, I am buying this with my own proceeds not the companys so what software program can you recommend?
I currently use Helix Pro & FTK Imager for obtaining images.
Any advice or insight would be great.
I realize everyone is going to say FTK or Encase but keep in mind, I am buying this with my own proceeds not the companys so what software program can you recommend?
I currently use Helix Pro & FTK Imager for obtaining images.
Any advice or insight would be great.
-
reedsie - Member
Re: What Forensic Software do you recommend if buying person
Posted: Tue Dec 15, 2009 5:45 pm
The best is the best, you can't be on a budget for software. For the most part every examiner has a copy of Encase and FTK in their toolbox, it would be good of you to get both.
Someone is having a sale on FTK in the for sale section. 2 copies for 3k, that is a steal.
_________________
Why order a taco when you can ask it politely?
Alan B. "A man can live a good life, be honorable, give to charity, but in the end, the number of people who come to his funeral is generally dependent on the weather. "
Someone is having a sale on FTK in the for sale section. 2 copies for 3k, that is a steal.
_________________
Why order a taco when you can ask it politely?
Alan B. "A man can live a good life, be honorable, give to charity, but in the end, the number of people who come to his funeral is generally dependent on the weather. "
-
armresl - Senior Member
Re: What Forensic Software do you recommend if buying person
Posted: Tue Dec 15, 2009 6:16 pm
I would love to if I had the money to do so....
Any other suggestions?
Any other suggestions?
-
reedsie - Member
Re: What Forensic Software do you recommend if buying person
Posted: Tue Dec 15, 2009 8:14 pm
I recommend you investigate the tools listed on the Open Source Digital Forensics web site. Also, "the Autopsy Forensic Browser is a graphical interface to the command line digital investigation analysis tools in The Sleuth Kit." (Brian Carrier)
-
ba2llb - Member
Re: What Forensic Software do you recommend if buying person
Posted: Tue Dec 15, 2009 8:40 pm
Thanks I have used this and I am looking for commercial software to use.
How about Xray forensics? Winhex to be exact.
Thanks
How about Xray forensics? Winhex to be exact.
Thanks
-
reedsie - Member
Re: What Forensic Software do you recommend if buying personally
Posted: Tue Dec 15, 2009 8:53 pm
Greetings,
X-Ways is the best value for the dollar if you're technically inclined. It is designed for knowledgeable analysts and the learning curve is a bit steep. Once you get up that curve, it is a very powerful, reliable, tool.
-David
_________________
CISSP, CCE, EnCE, Licensed Private Investigator (CA)
X-Ways is the best value for the dollar if you're technically inclined. It is designed for knowledgeable analysts and the learning curve is a bit steep. Once you get up that curve, it is a very powerful, reliable, tool.
-David
_________________
CISSP, CCE, EnCE, Licensed Private Investigator (CA)
-
kovar - Senior Member
Re: What Forensic Software do you recommend if buying personally
Posted: Tue Dec 15, 2009 10:16 pm
there's no need to purchase any software. There are enough free/open source solutions that a knowledgeable analyst could do everything that could be done with the commercial tools, and even more, using just what's freely available.
It's not about the tool...and analyst who's a "tool" will make a mess of a case regardless of whether they're using FTK or EnCase or anything else. There are plenty of free and open source solutions out there that a knowledgeable analyst can use to great effect.
I'm putting together an internal training package, and part of it includes analyzing an image. I'm doing the analysis, as well...oddly enough, I don't have any commercial tools at my disposal, but I'm already mostly completed with analysis AND reporting.
It's not about the tool...and analyst who's a "tool" will make a mess of a case regardless of whether they're using FTK or EnCase or anything else. There are plenty of free and open source solutions out there that a knowledgeable analyst can use to great effect.
I'm putting together an internal training package, and part of it includes analyzing an image. I'm doing the analysis, as well...oddly enough, I don't have any commercial tools at my disposal, but I'm already mostly completed with analysis AND reporting.
-
keydet89 - Senior Member