OSForensics

Compare

Description

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data.

It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.

OSForensics - Main window OSForensics - Main window

Click the images to view screenshots.

New in V7

  • Ability to boot an image as a Virtual Machine from OSForensics.
  • Addition of System Resource Usage Monitor (SRUM) database scanning for User Activity collection
  • OCR (Optical character recognition) allows you to search for text within PDF files
  • New built in hash sets for: Keyloggers, VPN Software, Peer to Peer (P2P) software, Cryptocurrency
  • Support for importing Project VIC hash sets

Features

Discover Forensic Evidence Faster

Professional and Bootable Editions

The professional and bootable editions of OSForensics have many features not available in the free edition, including;

  • Import and export of hash sets
  • Customizable system information gathering
  • No limits on the amount of cases being managed through OSForensics
  • Restoration of multiple deleted files in one operation
  • List and search for alternate file streams
  • Sort image files by colour
  • Disk indexing and searching not restricted to a fixed number of files
  • No watermark on web captures
  • Multi-core acceleration for file decryption
  • Customizable System Information Gathering
  • View NTFS directory $I30 entries to identify potential hidden/deleted files

The bootable edition contains all the professional features plus the ability to be run on systems without a valid operating system. See the full comparison list between the editions.

Reviews

There are no reviews yet.

Be the first to review “OSForensics”

Your email address will not be published. Required fields are marked *