EnCase Forensic

EnCase Forensic software enables the examiners to quickly uncover critical evidence and complete deep forensic investigations, and to create compelling reports on their findings. With advanced capabilities and the powerful EnScript® programming language, EnCase Forensic has long been the go to digital forensic solution worldwide. Is has an easy to use web-like user interface, automated configurable evidence processing, unified search across the entire case, customizable reporting templates, simple email review, integrated smart phone & tablet acquisition, and Optimized Case Management, including native encryption capabilities

EnCase Portable

EnCase Portable is composed of two components, Triage and Collect. Triage allows forensic experts and non-experts alike to quickly review information in the field, in real time, without altering or damaging the information stored on a computer. By executing pre-configured triage searches, users can quickly browse pictures, view internet history, see who has been using a computer, and much more. With Collect, anyone can become an extension of an organization’s computer forensic incident response team. Running collection searches, pre-configured by the experts, anyone can perform forensically sound collections in the field. Collect can be used to create a bit-by-bit copy of a computer’s hard drive or perform a targeted collection based on the criteria required for the specific situation. In addition, with Collect, Investigating Officers can collect an exact copy of a computer’s memory, which can contain valuable information pertinent to an investigation.

Magnet Axiom Smartphone

MAGNET AXIOM SMARTPHONE PROVIDES THE MOST ADVANCED DATA RECOVERY TECHNOLOGY AND HAS POWERFUL ANALYSIS FEATURES FOR THE MOST THOROUGH EXAMINATIONS.

Use powerful carving and get more from mobile artifacts

Ingest phone extractions from Cellebrite, Oxygen Forensics, and more

Industry-leading artifact recovery from JTAG and chip-off images

Use AXIOM Smartphone’s advanced carving and extensive support for third party apps to find more deleted, encoded or encrypted data. Recover evidence from the leading mobile apps including Instagram, Snapchat, Musical.ly, Twitter, and more.

Magnet Axiom Computer

Magnet Axiom Computer offers industry-leading imaging, search, analysis and reporting tools for computer forensics.

Magnet Forensics tools recover the deepest artifact data available and give the most relevant starting point for your investigation. Magnet AXIOM Computer then allows you to drill down into the digital evidence in the file system to find more data and verify source location.

Magnet Axiom Cloud

Magnet Axiom Cloud accesses cloud services and apps and recovers artifacts and data to be examined.

Retrieve data from services including Facebook Messenger, Facebook Timeline, Office 365, Google apps, iCloud, DropBox, Instagram, Twitter, YouTube, Hotmail, Outlook, Skype for Business and more. AXIOM Cloud is the leading cloud forensics tool to support two-factor authorization for both iCloud and Google cloud services.

BELKASOFT EVIDENCE CENTER X

Belkasoft Evidence Center X is an all-in-one digital forensics and incident response solution for acquiring, locating, extracting, and analyzing digital evidence stored inside computers and mobile devices, RAM and cloud.
Product is offered in a number of editions.

BELKASOFT EVIDENCE CENTER X EDITIONS

X FORENSIC
X Forensic edition is the complete solution for conducting in-depth investigations on all types of digital media devices and data sources, including computers, mobile devices, and the cloud. Combining the functionality of X Computer and X Mobile editions with advanced features such as cloud data extraction, checkm8-based acquisition, and WDE decryption, it is an irreplaceable analytical tool for digital forensic laboratories of federal law enforcement agencies and state-level police departments.

KEY FEATURES

1. All features of X Computer and X Mobile.
2. Acquire and analyze data from cloud sources
3. Use forensically sound checkm8-based acquisition to extract data from the range of iPhone devices (from iPhone 5s through iPhone X) and even from locked iPhones without a jailbreak.
4. Access devices encrypted with whole device encryption, such as APFS, Bitlocker, TrueCrypt and others.

X CORPORATE
X Corporate edition is the digital forensic and incident response solution with enhanced analytical functionality specifically developed to meet the business requirements of large corporate organizations, which prefer to have a DFIR team in-house or provide DFIR services. Corporate incident responders can take advantage of a combination of X Forensic capabilities and advanced X Corporate features—incorporated into the product specifically to respond to the demands of corporate customers.

KEY FEATURES

5. All features of X Forensic.
6. Investigate hacking and intrusions into Windows-based computers with the help of Incident Response module.
7. Find intersections between the currently investigated case and other BEC X cases by using Cross-Case Search functionality.

X COMPUTER
X Computer edition is a cost-effective solution developed specifically for investigators in local police departments, experts in small to medium consulting companies providing digital forensic and incident response services, and individual customers such as private investigators or digital forensic consultants. Customers who typically deal with only a few computer-related cases per year and/or have a limited budget will enjoy the very affordable price of X Computer edition.

KEY FEATURES

8. Extract data from hard drivesb, mount and analyze hard drives, disk images, virtual machines, and RAM.
9. Timeline analysis - ability to display and filter all user activities and system events in a single aggregated view
10. Examine and analyze hundreds of artifacts: chats, browsers, mailboxes, documents, pictures and videos, system files.
11. Use analytical features, such as Connection Graph, Timeline, advanced picture analysis.
12. Perform in-depth examinations into the contents of files and folders on the device with File System Explorer. Find even more evidence with Registry and SQLite Viewers.
13. Powerful file and data Carving feature helps to locate evidence that was deleted or hidden.

X MOBILE
X Mobile edition is a cost-effective solution developed specifically for investigators in local police departments, experts in small to medium consulting companies who provide digital forensic and incident response services, as well as individual customers (i.e. private investigators or digital forensic consultants). Customers who typically deal with just few cases per year involving unlocked mobile devices, and usually have limited budgets will enjoy the affordable price of X Mobile edition.

KEY FEATURES

14. Acquire images of iOS and Android devices using standard backup as well as jailbreak-related methods, lockdown files, MTP/PTP, MTK.
15. Extract full file system copy and keychain from iOS devices with the help of Belkasoft agent without doing a jailbreak.
16. Mount mobile backups and third-party tool smartphone images (UFED, OFB, GrayKey and Elcomsoft iOS images), chip-off dumps, TWRP images, JTAG dumps, etc
17. Examine and analyze mobile artifacts—calls and messages, mailboxes, messenger apps data (WhatsApp, Signal, Telegram, Snapchat, WeChat, etc.), social media apps (Facebook, Twitter, Tinder, etc.), browsers, cryptocurrencies, and many more.
18. Use analytical features, such as Connection Graph, Timeline, advanced picture analysis.
19. Perform in-depth examinations into the contents of files and folders on a device with File System Explorer. Find even more evidence with PList and SQLite Viewers.
For More Info

AD Triage

AccessData Triage (AD Triage) is a portable computer forensics solution to acquire data. It is a forensically sound and easy to use triage tool for on the scene preview and acquisition of computers (either live or shut down). With the help of this tool, the forensics examiner as well as non forensics personnel alike can acquire volatile and all or targeted hard drive data from a system in just minutes. Law enforcement agencies can preserve evidence securely without having to wait hours for a forensics expert to arrive on the scene. You can preview the file system and target data by criteria, including keyword(s), hash, regular expression, file size, date and time, extensions, file path and illicit images. In addition, users can collect network and system information, as well as live memory. It allows you to acquire the full disk, a volume, or peripheral devices, saving data to a USB device or an external hard drive and exports the data to a designated location on the same network. You can pre-configure your AD Triage device to automatically acquire only the data you’ve selected, allowing inexperienced users to safely and effectively use the tool.

Steganography Detection & Analysis

Steganography Detection & Analysis Suite (Stego Suite) provides investigators with advanced steganograpy investigation capabilities. This suite includes four software tools Stego Hunter, StegoWatch, StegoAnalyst and StegoBreak, allowing investigators to detect, analyze and in certain circumstances recover hidden information.

Malware Identification & Analysis

Gargoyle Investigator - Forensic Pro Edition includes very advanced malware detection and identification. The tool can search for “bad programs” and can provide information like suspect’s intentions, activities and motives.