±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36231
New Yesterday: 4 Visitors: 140

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

First Forensic Suite Advice Please

Forensic software discussion (commercial and open source/freeware). Strictly no advertising.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2 
  

fraudit
Senior Member
 

Re: First Forensic Suite Advice Please

Post Posted: Sep 07, 12 13:32

Well, I expanded from forensic accounting into computer forensic area quite recently. I'm certainly not an expert but always was fond of digging into system's guts so I believe I have necessary prerequisite.

Anyway, I second for X-Ways - it's affordable and does its job. If you need some more sophisticated tools, I'm pretty sure you will find a GPL-licensed one!  
 
  

sgware
Member
 

Re: First Forensic Suite Advice Please

Post Posted: Sep 08, 12 00:50

Thanks for the feedback. I appreciate it. On the advice of the other respondents, I took another look at the freeware and open source tools that i have accumulated. I can't imagine needing more to do that job. That said, X-Ways is very attractive to me and at some point I will upgrade my WinHex specialist license.

So, for now I think I have the tools needed for the CFCE. I will definitely follow up with the results and commentary.

Scott  
 
  

marcyu
Senior Member
 

Re: First Forensic Suite Advice Please

Post Posted: Sep 08, 12 02:45

Scott,

I'm also a user of WinHex Specialist and it's one of the best tools in my arsenal. However, looking at the additional tools available with X-Ways Forensics, I don't believe it's worth the extra money for the upgrade. I would save my money for other software that you'll eventually need, such as RAID recovery, social media artifacts, password recovery, and cell phone acquisition.
_________________
Marc Yu
Vice President of Digital Forensics and e-Discovery 
 
  

LarryDaniel
Senior Member
 

Re: First Forensic Suite Advice Please

Post Posted: Sep 19, 12 06:43

A couple of thoughts: MacForensics Lab i.m.h.o. is very pricey for what you get as you can do everything with other tools. I know I can't justify the expense for that tool when we have others that work just fine for MAC forensics.

You might want to consider P2Commander suite as it handles email extremely well and does chat and some other parsing. I consider P2 commander to be a "semi-automatic" suite as it is closer to Xways than it is to FTK or EnCase. You can get a free demo copy of P2 Commander from Paraben. They have demos of most of their forensic software and their email tools are outstanding.

If you move into a commerical job, chances are you will need to use FTK or EnCase if that is the shop standard. You already have FTK in some form, so don't neglect it.

You can get a feel for EnCase by going through the EnCE Study Guide as I think it has a student version included with some sample evidence. At least it used to.

As you get down the road in your career, you will find that you will tend to use either the best tool for the job based on what you have available, or the only tools you are allowed to use based on where you work.

So keep your horizons broad and while you have the luxury of time, play with and learn all you can with a critical eye as to what gives you the best results and the most production.

Once you get into the workplace you will find the greatest limit on your ability to perform examinations is not tools but time and money. There is always a limit to how much you can spend on a case, either time, money or both, so what really matters is how efficient you can be, regardless of which tool you choose to employ. Whether you are in private practice, working for law enforcement or doing internal investigations, the idea is to turn cases as quickly and efficiently as possible without compromising quality.
_________________
Larry E. Daniel
DFCP, EnCE, BCE, ACE, AME, CTNS , CTA, CWA
Guardian Digital Forensics
"An Envista Forensics Company" 
 

Page 2 of 2
Page Previous  1, 2