What goes in a forensic toolkit?

I second this.

If your in-house lab is for corporate cases, your needs are more geared toward eD, versus in-house at a local police station, where it is more forensics.

If you deal mostly on web based applications, (Google Apps, browsers, e-mail), your needs are different than a office where everything is local apps.

A software shop will have different need than a manufacturing plant.

And, so on…

If we can get a better understanding of your business, then we may be able to provide you a better answer.

I shoudl clarify…
…

Yes ) , maybe if you list the actual expected kind of activities the "in-house service" is likely to perform, some member could give you more specific advice, as opposed to "generic" lists.
I mean, as an example, if your firm only uses (say) BlackBerries as mobile communication devices, you will have no need for any "specific" iPhone tools, or if it the scope is exclusively "PC forensics" you won't have any need for tools related to Cell Phone forensics.

jaclaz

OK thanks again so far. The intent would be to able to provide an eD *and* full forensic service across all types of application and systems. Really what I'm looking for is a generalised kit to cater for most situations.

OK thanks again so far. The intent would be to able to provide an eD *and* full forensic service across all types of application and systems. Really what I'm looking for is a generalised kit to cater for most situations.

Unpacking your statement - you want to do most e-mail systems, most operating systems, most disk and disc file systems, most mobile devices, most mobile carriers, most storage solutions, most cell site analysis, most wifi analysis, most . . .

And, what is your initial and thereafter annual budget for this?

Is this a law enforcement shop or business?

Is this a shop for internal matters in a firm, or this is the business (selling eD/forensics services)?

We would also recommend our Belkasoft Evidence Center (http//belkasoft.com) as a tool used by forensic investigators worldwide and included into standard software lists in several countries.

One way to condense a couple of the above posts is"start with a standard maintenance case and then add forensic tools". (The advice in those posts is good. This is just to make sure the basic principle is not lost.)

But, something in-house is going to be very specific to the company. It will depend on what sorts of computers are being used, even what the company's policy is for buying/repairing and replacing computers.

Dom
-and what the company is willing/able to buy. Forensic tool cases can be….expensive.

I'll add a magnifying glass, a big one, it is extremely handy when working with mobile phones
if we a talking about mobiles surgical rubber gloves can be useful for to some hygienic separation
from device (also it goes for various USB devices) since such things can be hidden in body cavity ..

also a g3 od g4 connection can be also very usefull

As for software I'll suggest also encase portable.

I am given to understand that examining cell phones is almost a field unto itself. The equipment is expensive to buy and keeping it current to the sheer number of operating systems is time-consuming to the point where it rules out researching "normal" computer forensics.

since such things can be hidden in body cavity ..

0_o

Dom
-actually wants to build a workstation in the not too distant future.

… since such things can be hidden in body cavity ..

A bug extractor may also come handy in those cases
http//www.therpf.com/f9/total-recall-nose-bug-extractor-device-93000/

jaclaz

… since such things can be hidden in body cavity ..

A bug extractor may also come handy in those cases
http//www.therpf.com/f9/total-recall-nose-bug-extractor-device-93000/

jaclaz

Good one …. LOL