Tags
Language
Tags
March 2024
Su Mo Tu We Th Fr Sa
25 26 27 28 29 1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31 1 2 3 4 5 6

PassMark OSForensics Professional 3.1 Build 1000

Posted By: speedzodiac_
PassMark OSForensics Professional 3.1 Build 1000

PassMark OSForensics Professional 3.1 Build 1000 | 53.5 MB

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data. It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.

Search within Files
If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents. Powered by the technology behind Wrensoft's acclaimed Zoom Search Engine.

Search for Emails
- An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
- This allows for a fast text content search of any emails found on a system

Recover Deleted Files
After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.

Uncover Recent Activity
- Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
- Opened Documents
- Web Browsing History
- Connected USB Devices
- Connected Network Shares

Collect System Information
- Find out what's inside the computer. Detailed information about the hardware a system is running on:
- CPU type and number of CPUs
- Amount and type of RAM
- Installed Hard Drives
- Connected USB devices
- and much more.

View Active Memory
- Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
- Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.

Extract Logins and Passwords
Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.



Email Viewer
Only one instance of the e-mail viewer window is now available and shared amongst all modules. This allows e-mail messages to be opened instantly without having to reload the e-mail file if it was previously opened.
Partially loaded e-mail files (ie. cancelled halfway during loading) are no longer allowed and removed from the tree view
Added support for recovering deleted and orphaned e-mails in PST files
Added status bar on the bottom of the window to indicate the number of items in the current folder
Fixed header field (From, To, Cc) text not showing when text length is too long
Fixed saving attachments with invalid filename characters
Added implementation to save PST emails with embedded message attachments in MSG format.
Removed storage of e-mail file path for each mail item to reduce memory usage
Fixed a crash when closing e-mail viewer while still loading e-mail/searching
Direct Access
Reduced the memory usage for VMDK, VHDI and raw images
Cache data is now share globally per device rather than per device/thread. This reduces memory usage and increases performance
NTFS
Fixed loading of $MFT file split into multiple MFT records
Added caching of ATTRIBUTE_LIST to improve performance
Fixed a possible crash when saving to disk
Internal viewer
Fixed a crash related to merged cells when converting excel document to html
Fixed a bug with POLE library causing large files to be saved improperly
Fixed hex view showing incorrect bytes while performing search
Forensic Copy
Fixed error message preventing files to be copied to a windows drive destination
File Indexing
Added support for indexing .tar, .gz, .tar.gz, etc.
Added BinStringsUseBigram option for create index binary string extraction settings, Code words and Extreme
Added options to index "System hibernation and paging files"
Changed email prescan estimate to handle more cases
Added a MAXPAGES min. cap of 100,000 pages when scanning attachments
Fixed a bug with not detecting if wordmap merging failed mid write due to out of space or other causes.
Fixed a bug with free edition not indexing PDF files properly (indexed as html)
Fixed a bug with not being able to perform searches on indexes created within a folder path that contains Unicode character (e.g. unicode characters in user name or in case name)
Fixed an issue with not scanning text files (non plugin files) when scan .sys files is enabled.
Fixed a bug with an infinite loop when indexing a file misnamed as DOC (e.g. a RTF file)
Fixed several bugs when indexing emails
Recent Activity
New user interface, summary of items shown in left hand treeview side, added filters, new sortable list
Updated to work with latest version of opera (23)
Now searching localised folder names so should return more results on non-english installs of Windows
Now searching more registry locations for installed programs so far more results should be returned
Fixed a bug where registry locations of some installed programs weren’t displayed fully
Fixed some issues when trying to get recent activity from non-system drives
Drive Preparation
Improvements to Disk preparation error messages.
Improvement to the Drive preparation progress update.
Disk Imaging
Raid rebuilding, fixed detection of RAID metadata for Promise RAID controllers



Home Page - http://www.osforensics.com