Passmark OSForensics v9

Product no.: PM-Forensics

In stock, processing within 24 hours

from 70.00

Netto

incl. 19% VAT

Volume Discounts on request       

Request quotation
 


Possible delivery methods: Siglent Promotional shipping, DHL Express Delivery, DHL standard delivery | Switzerland, DHL standard delivery, DHL standard delivery, DHL standard delivery, Promotional shipping, Software / license, Own carrier number

 

osforensics

Digital investigations for a new era

  • Identify suspicious files and activity
  • Extract evidence from computers quickly
  • Manage your investigation

 

 

discover_data_1

 

Discover Data

Discover relevant data faster through high performance file searching and indexing. Extract passwords, decrypt files and recover deleted files quickly and automatically from Windows, Mac and Linux file systems.

Identify_evidence

 

Identify Evidence

Identify evidence and suspicious activity through our hash matching and drive signature analysis features. Identify and analyze all files and even automatically create a timeline of all user activity.

manage_your_case

 

Manage your Case

360° Case Management Solution. Manage your entire digital investigation with OSF’s new reporting features. Build custom reports, add narratives and even attach your other tools’ reports to the OSF report.

 

 

 

Professional and Bootable Editions

The professional and bootable editions of OSForensics have many features not available in the free edition, including:

  • Import and export of hast sets
  • Customizable system information gathering
  • No limits on the amount of cases being managed through OSForensics
  • Restoration of multiple deleted files in one operation
  • List and search for alternate file streams
  • Sort image files by colour
  • Disk indexing and searching not restricted to a fixed number of files
  • No watermark on web captures
  • Multi-core acceleration for file decryption
  • Customizable System information Gathering
  • View NTFS directory $I130 entries to identify potential hidden/deleted file

 

 

Complete suite for forensic investigation

OSF provides one of the fastest and most powerful ways to locate files on a Windows computer or Forensics Image. Search within the contents of files with the use of our acclaimed indexing engine providing industry leading relevance ranking, date range searching, exact phrase matching, "Google-like" context results and more.

 

This takes advantage of the fact that computer hardware tends to fail either very early in its life or after many thousands of hours of use.

OSforensics

 

Investigate and search within hundreds of file types including Office and Acrobat documents, image files (with OCR), e-mails (Outlook, Thunderbird, Mozilla and more), attachments, ZIP files, and even binary files and unallocated clusters.

cs2

Search and recover files that a user may have attempted to destroy or have been removed from the Recycle Bin.

cs3

Scan the computer for evidence or recent activity, including accessed websites, USB drives that have been connected, wireless networks, recents downloads, website logins and website passwords.

cs4

 

OSF provide powerful tools to uncover and crack passwords on a live system or forensic image.


These include:

  • Website logins and passwords (used in Chrome, Edge, Firefox and Opera)
  • Outlook and Windows Live passwords
  • Saved Wifi passwords
  • Windows autologon password
  • Windows and other Microsoft product keys
  • Ports (Serial / Parallel)
  • Network adapters
  • Physical and optical drives
  • Bitlocker detection
cs5

OSF can expose the HPA and DCO hidden areas of a hard disk which can be used for malicious intent, including hiding illegal data.

cs6

Use OSF to access Volume Shadow Copies. This allow you to look at how a disk appeared at a point of in time in the past and see what has changed. Discover changes to files and even view deleted files.

7cs

 

 

tab3
 

Timeline Viewer

OSF features a Timeline Viewer that provides a visual representation of file and system activity over time, helping you to identify date ranges where significant activity has occured, or build up a pattern of behavior over years, months or days.

 

 

 

 

Identify data

 

Verify and match Files

Use OSF to confirm that files have not been corrupted or tampered with by comparing hash values or identify whether an unknown file belongs to a known set of files. Verify and match files with MD5, SHA-1 and SHA-256 hashes. Find misnamed files where the contents dont match their extension.

tab2
 

Timeline Viewer

Create and compare drive signatures to identify differences and changes made on a system.
OSF lets you create a forensic signature of a hard disk drive, preserving information about file and directory structures present on the system at the time of singature creation.

 

 

 

 

Bild2

 

File Analysis Tools

OSF provides a comprehensive suite of tools to analyze files, emails, and systems information including.

  • File Viewer that can display streams, hex, text, images and meta data
  • Email viewer that can display messages directly from the archive
  • Registry Viewer to allow easy access to Windows registry hive files
  • File System Browser for explorer - like navigation of supported file systems on physical drives, volumes and images.
  • Raw Disk Viewer to navigate and search through the raw disk bytes on physical drives, volumes and images.
  • Web Browser to browse and capture online content for offline evidence management
  • ThumCache Viewer to browse ThumbCache viewer to browse the Windows thumbnail cache database for evidence of images/files that may have once been in the system
  • SQLite Database Browser to view the and analyze the contents of SQLite Database files.
  • ESEDB Viewer to view and analyze the contents of ESE DB (.edb) database files, a common storage format used by various Microsoft applications
  • Prefetch Viewer to identify the time and frequency of applications that been running on the system, and thus recorded by the O/S's Prefetcher
  • Plist Viewer to view the contents of Plist files commonly used by MacOS, OSX, and iOS to store settings.
  • $UsnJrnl Viewer to view the entries stored in the USN Journal

l1

 

 

Create Cases

Organize all the evidence you have discovered into a single cryptographically secure case file.

 

 

 

 

 

 

 

l3

 

 

 

Storage Device Management

Manage your storage devices in a centralized manner for convenient access throughout OSF.

 

 

l2

 

 

 

 

Generate Report

Export your case File as an accesible and customizable report showing all evidence associated with the case. Deliver a readable summary of forensic findings to clients or law enforcement agents at any point in your investigation.

 

 

 

 

 

 

l5

 

 

Audit Trace

OSF can automotically maintain a secure audit trail of the exact activites carried out during the course of the investigation.

 

 

 

l4
 

 

Drive and System Management

Create and restore disk images of evidence disks, to support forensics analysis without risking the integrity of the original data.

Rebuild a complete RAID image from a set of RAID member disk images.

Make exact copies of the partitions or drives of an active system. Useful for live acquisitions while running OSF from your USB drive.

 

 

 

l6

 

Take OSF with you

OSForensics can be installed and run from a portable USB drive. Take the investigation straight to the target computer without risking the contamination of valuable forensic information.

 

 

 

 

Free Tools

 

1

 

OSF Mount

Identify evidence and suspicious activity through our hash matching

2

 

OSFClone

360°Case Management Solution. Manage your entire investigation.

3

 

ImageUSB

360°Case Management Solution. Manage your entire investigation.

4

 

Volatility Workbench

Identify evidence and suspicious activity through our hash matching

 

 

Browse these categories as well: Passmark Software, PC Test Software