Belkasoft Evidence Center 2017

Belkasoft全方位整合數位鑑識軟體:Evidence Center 2017,能對儲存於電腦或行動裝置中的數位證物定位、提取並執行分析數位證據。為全球超過70個國家,上千名數位鑑識專家與執法部門信任使用。

Evidence Center 產品主要特色

  • 能全自動採集、提取與分析超過700種裝置之數位證據
  • 透過數據捕捉能復原損毀或隱藏的數位證據(BelkaCarving™)
  • 記憶體分析(Live RAM analysis)
  • 雲端功能資料下載與分析
  • 優化的初階專家功能
  • 產出為法庭認可之扼要、適性的報告格式

Evidence Center OS

  • Windows (all versions, including Windows 10)
  • Mac OS X
  • Unix-based systems (Linux, FreeBSD, etc.)
  • iOS: iPhone, iPad
  • Android
  • Windows Phone 8/8.1
  • Blackberry

Evidence Center 支援的證物格式種類

  • Office documents
  • Email clients
  • Pictures and videos
  • Mobile application data
  • Web browser histories, cookies, cache, passwords, etc.
  • Chats and instant messenger histories
  • Social networks and cloud services
  • System files, including jumplists, thumbnails and event logs
  • Encrypted files and volumes
  • Registry files
  • SQLite databases
  • Peer-to-peer software
  • Plist files
  • Geolocation data
  • Payment systems

Evidence Center 其他特色

  • 瀏覽即時通訊之歷史紀錄、聯絡人資料。
  • 選擇聯絡人檢視對話記錄。
  • 照時間、訊息方向排序,且可對歷史紀錄作篩選檢視或搜尋。
  • 即時通訊之歷史紀錄匯出檔案格式支援txt、HTML、XML及CSV
  • 可挖掘已刪除之即時通訊歷史紀錄,包括:  Skype 3、4、5  ICQ Lite  ICQ 7  Windows Live Messenger  AIM  Yahoo! Messenger
  • 可挖掘記憶體映像檔挖掘即時通訊相關資訊,包括:
  •  AIM  ICQ 7  Yahoo! Messenger  Skype  Gmail  MSN  Google Talk  Facebook(個人訊息)
  • 支援之瀏覽器包括:  Microsoft Internet Explorer至version 8  Mozilla Firefox version 2及version 3  Opera  Google Chrome  Apple Safari
  • 支援之電子郵件收信軟體包括:  Microsoft Outlook 2003及2007  Microsoft Outlook Express

Evidence Center 相容資源與檔案系統

  • Storage devices - Hard drives and removable media
  • Disk images - EnCase (including Ex01), L01/Lx01, FTK, DD, Smart, X-Ways, Atola, DMG
  • Mobile devices - Mobile backups, UFED dumps, chip-off and JTAG dumps
  • Virtual machines - VMWare, Virtual PC, VirtualBox, XenServer.
  • Volatile memory - Life RAM dumps; fragmented memory set analysis with BelkaCarving™
  • Memory files - Hibernation file and Page file
  • Unallocated space - Data carving discovers destroyed evidence
  • Network traffic - PCAP files
  • File systems – FAT, exFAT, NTFS, HFS, HFS+, ext2, ext3, ext4, YAFFS , YAFFS2
NOTE: The list of features may vary between different editions of the product.
more...

© 2015 鑒真數位 All Rights Reserved