What are the forensic tools?

Introduction to Operating System Forensics

Operating System Forensics is the process of retrieving useful information from the operating system (OS) of the computer or mobile device in question. The aim of collecting this information is to gather empirical evidence against the perpetrator. An operating system (OS) is the software component of a computing system that is responsible for the management and coordination of activities and the sharing of the resources of the computer. The OS acts as a number …

Detecting Steganography

This article explains how to detect steganography and its types, the files used in detecting steganography, the tools used in steganography, and the technique of hiding data in file system structures. Software Clues on the Computer: During investigation, the investigators should first look at files, documents, software applications, and other suspicious files for clues hidden through steganography. Steganography investigators should also know about common steganographic techniques, software, tools, terminologies, and …

Data Acquisition and Duplication Tools: Software

This article explains the different types of software used as data acquisition and duplication tools. EnCase Forensic (Source: https://www.guidancesoftware.com): EnCase is a popular multi-purpose forensic platform which includes many useful tools to support several areas of the digital forensic process. This tool can collect a lot of data from many devices and extract potential evidence. It also generates an evidence report. EnCase Forensic can help investigators …

Data Acquisition Methods

This article explains the methods used for data acquisition, including those in continuous use in forensic investigation. The following four methods are available for data acquisition: 1. Bit-stream disk-to-image file: Forensic investigators commonly use this data acquisition method. It is a flexible method, which allows creation of one or more copies, or bit-for-bit replications, of the suspect drive. ProDiscover, EnCase, FTK, The Sleuth Kit, X-Ways …

Live Data Acquisition

Live Data Acquisition is the process of extracting volatile information present in the registries, cache, and RAM of digital devices through their normal interface. Volatile information is dynamic in nature and changes with time; therefore, investigators should collect the data in real time. Simple actions such as looking through the files on a running computer or booting up the computer have the potential to destroy or modify the available evidence data, as it …
