Digital Forensics Tools
It’s our ongoing commitment to earn and retain the trust that our customers place in us. We do this by delivering top quality Cyber Forensic Services and training provided by highly skilled and qualified individuals within a speedy turnaround time at a cost that provides value for money.
- Acme Portable
- Amped Five
- EDEC Digital Forensics
- BlackBag Technologies
- CCTV Lab in a box
- Get Data
- CRU Inc
- Lab in a box
- Media Sonar
- Magnet Forensics
- Oxygen Forensic
- Tactical Electronics
- Tracks Inspector
ACME Portable Machines, Inc. is an industry-leading manufacturing company that specializes in rugged portable computers. They provide high-performance, unique computers that are customized specifically for your needs. These computers are used in a number of industries, including digital media and broadcasting, and digital and computer forensics. The digital forensics computer range is designed and developed to be the ideal digital forensic tool, so the package comes with all the hardware and software integrated into the system.
iVe is a vehicle system forensic tool that acquires user data from vehicles, and allows forensic examiners and investigators to quickly and intuitively analyse it. iVe allows investigators to acquire mobile phone data from vehicles that the device has synced to in the past.
Vehicle infotainment and telematics systems store a vast amount of data such as recent destinations, favourite locations, call logs, contact lists, text messages, emails, images, videos, social media feeds, and the navigation history of the vehicle. Many systems record events such as when and where a vehicle’s lights are turned on, which doors are opened and closed at specific locations, and even where the vehicle is when Bluetooth devices connect.
Write blockers are devices that allow extraction of information on a drive without creating the possibility of accidentally damaging the drive contents. They achieve this by allowing read commands to pass but by blocking write commands. There are two types of write blockers, Native and Tailgate.
- A Native device uses the same interface for both in and out, for example an IDE to IDE write block.
- A Tailgate device uses one interface for one side and a different one for the other, for example a Firewire to SATA write
Lab in a Box
The Lab in a Box is a self-contained digital forensic lab housed in a rugged “Pelican/Storm” enclosure. The box contains all the tools that forensic experts require to acquire, examine, analyze and extract evidence from digital devices. It is a single forensic solution that caters for the full spectrum of in-field and on-the-bench forensic technologies. Contents of the Lab in a Box include:
Pelican Storm Case:
XRY Complete Hardware
- Tableau TD2
- Tableau T6es Data Bridge
- Tableau Hard Disc Adaptor Kit
- Wiebetech Ultradock
- Wiebetech USB Write Blocker
- Wiebetech Drive Eraser
- Computer Technicians Toolkit
XAMN is an MSAB analytical tool designed specifically for visualizing mobile device forensic files extracted from mobile devices by MSAB’s XRY. It has an easy to use interface and allows users to view the contents of up to 50 different XRY files in one place to compare data from different devices simultaneously and find connections if any are present.
XRY is an MSAB package containing both hardware and software to read the device information. The software is designed to retrieve information from mobile devices for immediate display of the results. The files can be saved for later analysis. Supported devices include smartphones, GPS units and mobile tablets such as the iPad.
MSAB XRY Kiosk
The XRY Kiosk from MSAB offers the ability to recover mobile data quicker than ever. It is a forensic tool designed for first responders for whom mobile data recovery is just one part of their responsibilities. With its touch screen interface it is designed to quickly and easily recover data from mobile devices. With the Kiosk you can plug in the mobile device, touch the screen and extract the data within minutes.
Kiosk Key Features include:
- Dedicated Turnkey Terminal Solution
- Easy Touch Screen Data Extraction
- File Export to Disc or Drive
- Immediate Reporting
- Integrated Write Protected Memory Card Reader
- LED In-Use Visual Indicator
- SIM Card Reader
- Unique Help File for Every Device
- User Control and Administration
- XRY Cable Kit and Organizer
DRS (Data Recovery System) from SalvationDATA Technology is the next generation intelligent data recovery system which can help you recover data from different drives, even those that cannot be recognized normally by a PC. It integrates physical diagnosis, data recovery and data imaging as its main functions, and also includes features such as fragment recovery, RAIDx automatic reallocation, break-point recovery and USB3.0 support. For the digital forensics workflow in particular, a read-only port is embedded in DRS to ensure that data is not tampered with. DRS can also generate and output detailed reports so that the investigation process can be clearly documented.
Products from SalvationDATA Technology include:
- SQLite SmartPhone Recovery Master-Pro
- SmartPhone Forensics System
- Mobile Visualization Track Forensics System
- Video Investigation Combat System
- Data Recovery System IV
Amped Five is an image and video enhancing application designed for analysing and enhancing video footage during investigations. It provides forensic investigators with a complete and unique solution to process and analyse digital images and video data in a simple, fast and precise way. It uses a variety of enhancement techniques while maintaining the integrity of the original evidence, in an easy to use way. It is commonly used in law enforcement to improve surveillance video output from CCTV taken at a crime scene. With the use of cell phone footage becoming common practice in criminal cases by law enforcement, the application is a must for forensic investigators.
BlackBag Technologies develops innovative forensic acquisition and analysis software for Mac OS X, iPhone/iPad, Windows and Android devices. BlackBag solutions serve a wide range of clients, including federal, state, and local law enforcement agencies, as well as leading private sector security, legal, and personnel professionals. BlackBag currently offers the following products:
- Softblock - Software-based write-blocking tool built to run on Mac OS X forensic analysis machines
- MacQuisition - Live data acquisition, targeted file collection and forensic imaging software for Mac OS X
- Mobilyze - Mobile data acquisition, triage and reporting for Android and iOS devices
- BlackLight - Comprehensive Mac, Windows and iPhone/iPad forensics analysis software
With so many models of Digital Video Recorders (DVRs) in the field, it is nearly impossible to keep up with all the changes in technology. At times this can mean an extended amount of time for the examiner to learn and extract from a specific DVR, or a loss in quality of the footage as a result of compression. DVR Examiner identifies the unique filesystem of the DVR, regardless of the make or model, scans the DVR hard drive and recovers the proprietary metadata that presents you with a complete list of available video clips.
F-Response is an easy to use software tool that enables “Live” forensics and eDiscovery over IP networks using the examiner’s tools of choice. Physical memory, disks, and volumes of the machines under inspection appear on the examiner’s machine as locally attached, read-only devices. F-Response grants read-only access to the full physical disks and physical memory (RAM) of Microsoft Windows computers via the network connection between the examiner’s computer and the computer under inspection.
Magnet AXIOM is a digital investigation platform that is used to discover, analyse and report on digital evidence gathered from various types of drives and devices. It consists of a processing component and an examining component. The processing component uses automation to streamline the acquisition and processing tasks required to prepare evidence for examination, while the examining component enables efficient analysis of large volumes of data, which results in quick identification and validation of evidence.
Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located online. The basic focus of Maltego is analysing real world relationships between information that is publicly accessible on the internet. This includes footprinting internet infrastructure as well as gathering information about the people and organisations that own it.
MD5 - VFC
VFC seamlessly and expeditiously re-creates a virtual crime scene from either the original evidence drive itself or the forensic copy of the suspect system. The VFC process normally takes less than a minute, with average system start up times of the virtual clone ranging between 2 and 5 minutes. Crucially for the forensic investigator, the process never alters the original evidence and can be repeated at will.
It provides a straightforward and user-friendly interface that can be used by any investigative agency, be it criminal or civil, in order to quickly ascertain the need for further examination of a system.
The VFC method enables any legal professional to experience the suspect system in its own ‘virtual’ environment, accessing the original data but leaving it wholly intact.
Passware is a password recovery and reset tool with support for more than 200 file types and hard drive decryption in an all-in-one user interface. For the last 16 years Passware has been helping Fortune 500 corporations, worldwide police agencies, federal, state, and local government agencies, IT and forensic professionals, and tens of thousands of businesses and private users with their password problems. It recovers passwords from multiple platforms including iTunes, Android backups and Android physical images, extracts Windows Phone data, and acquires iOS backups or photo streams for iOS devices from iCloud.
VIP (Video Investigation Portable) is a forensically sound system for video acquisition, recovery and analysis from video surveillance during investigations. VIP helps clarify the visual evidence and restore the truth rapidly.
Traditional digital forensics technology cannot help with the proprietary file systems of video surveillance, but VIP can. As the industry leading product, VIP enables forensic investigators to acquire video materials directly and rapidly from a DVR, even deleted, damaged or overwritten data, and to analyze the video materials in an efficient, simple and precise way. It is a must for efficiently restoring the visual evidence for law enforcement, court experts, military and intelligence agencies, etc.
(Hardware and Software can be ordered separately)
Intella provides access to data that is not accessible through other logical methods. Intella complements Analyst’s Notebook with its ability to integrate email content, email addresses, attachments, author information and email conversation tracking (threading) into i2 products. Data from multiple user devices and mail types can be added to find interconnections between them. Intella has smart matching tools to identify duplicate contacts across users’ mail and uncover common associations. It can also handle large quantities of data at rapid speed, identifying key data like email addresses from the database.
X-Ways is designed for investigating crimes in areas such as accounting, building laws, money laundering, corruption, homicide, child pornography, etc. X-Ways Capture employs various methods to search a running computer for indications of resident encryption software and detects active ATA password protection. X-Ways Capture also dumps the physical RAM and images all connected media devices to a user-defined output path, e.g. an external USB hard disk. The program runs from a dongle, so no installation or reboot is required. Because X-Ways Forensics does not need to be installed, you do not risk unnecessarily destroying data by overwriting free space on the subject drive or making unnecessary changes to the system registry, etc.
ZiuZ is a leading innovative company in the development and application of visual intelligence in high-grade technology. They create user-friendly solutions for police and security services, and for the medical world.
The increased volume of digital visual material over the past few years is expected to continue; therefore a need for software that can manage, organize and recognize photo and video material exists. Unlike text, photos and videos are difficult to classify and search through.
There’s a strong need from various fronts for a robust tool that can manage huge volumes of digital visual material, for instance by automatically creating summaries, and analyzing and creating reports on visual material.
AlienVault is the leading provider of Unified Security Management and crowd-sourced threat intelligence required to detect and act on today’s advanced threats.
Its products are designed to ensure that mid-market organizations can effectively defend themselves against today’s advanced threats. By building the best open source security tools into one Unified Security Management™ platform, and then powering the platform with up-to-the-minute threat intelligence from AlienVault
Silobreaker’s products are built to support the workflow of today’s intelligence workers and to provide users with context, insight, situational awareness and dynamic decision-support.
The combination of multiple-type, multiple-source data aggregation together with cutting-edge semantic and statistical text-mining is how Silobreaker is able to serve up results in so many different ways. This enables users to search, filter and analyze without having to rely on traditional keyword queries.
TracksInspector offers an intuitive, web-based solution that puts digital investigations into the hands of detectives. It allows investigators to conduct an early case assessment and identify the data and devices relevant to the case, enabling the forensic specialists to conduct a targeted forensic analysis.
Ultimately, this allows investigators to solve more cases faster while easing High Tech Crime Unit (HTCU) backlogs.