Tumgik
#mobile data recovering by forensic cloning
forensicfield · 2 years
Can data deleted from mobile phone be recovered using forensic cloning
Nearly every crime scene contains digital evidence. To preserve original digital evidence for forensic investigation, law enforcement must know how to recognize, seize, transport, and store it. To recover evidence from a crime scene
1 note · View note
cyberexpertankur · 2 years
ANKUR CHANDRAKANT ON IMPORTANT SKILLS REQUIRED FOR CYBER FORENSICS AND HOW DO CYBER FORENSICS EXPERTS WORK.
Ankur Chandrakant, a recognised Cyber Security and Forensic Expert with a deep understanding of Blockchain, NFT, Crypto, and Metaverse, explains how Cyber Forensics experts work. He explained the seven steps. They are as follows.
1. Imaging or copying the hard drive of the under investigation system: Imaging or copying the hard drive involves producing a copy of the files and folders on the hard disc. By copying every item of data on the drive from the system under inquiry, a clone of the drive is made on another drive.
2. Verification of the duplicated data: After the data is copied from the hard drive of the investigation system to another hard drive, the forensic professionals verify that the copied data is identical to the original data.
3. Ensuring that the duplicated data is forensically sound: The data written to the hard drive is in a format that is compatible with the computer’s operating system. As a result, forensic professionals must ensure that data moved from the investigation system’s disc to another drive is not tampered with in any manner. The data is replicated in a forensically sound way, utilising a write-blocking device.
4. Recovering lost files: Forensic professionals can retrieve files that have been erased by the user on the computer. The data are not completely wiped by the computer, and forensic professionals understand how to recover them.
5. Finding data in free space: The operating system regards space on the hard drive as space available to store new files and folders, but temporary files and files that were deleted years ago are stored here until fresh data is placed into it. To rebuild such data, forensic professionals look through this vacant space.
6. Performing keyword searches: Forensic professionals employ software that can scan all the data for certain phrases and provide the results.
7. The technical report: The technical report should be a simple document that everyone can comprehend, regardless of their background. It should primarily focus on the offence, the perpetrator, and how he committed the crime, as well as on the details.
Ankur explained why computer forensics is important. Computer forensics is used in the civil and criminal judicial systems to ensure the integrity of digital evidence presented in court cases. Digital evidence — and the forensic method used to collect, preserve, and examine it — has grown more crucial in solving crimes and other legal concerns as computers and other data-gathering devices are utilised more often in every part of life. Much of the data collected by contemporary technologies is never seen by the average individual. For example, automobile computers continuously gather data on whether a driver stops, switches, or changes speed without the driver’s knowledge. This information, on the other hand, might be crucial in resolving a legal situation or a crime, and computer forensics is frequently used to find and preserve it. Data theft, network breaches, and illegal internet transactions are just some of the crimes that may be solved with digital evidence. It’s also utilised to solve physical crimes including burglary, assault, hit-and-run accidents, and murder in the real world. To keep proprietary information safe, businesses frequently employ a multilayered data management, data governance, and network security approach. Having data that is well-managed and secure might speed up the forensic procedure if the data is ever investigated.
Ankur also discussed some of the most important abilities to master cyber forensics. They are:
1. Technical aptitude: This is a technology-based skill. As a result, familiarity with many technologies, such as computers, mobile phones, network hacking, and security breaches, is required.
2. Attention to detail: To review an enormous quantity of data and find proofs, a forensic investigator must pay close attention to every detail.
3. Legal and criminal investigation knowledge: A forensic investigator must be as knowledgeable about criminal laws, criminal investigations, white-collar crime, and other related topics as he is about technology.
4. Effective communication skills: As part of a case, a forensic investigator must be able to assess and communicate technical material to others in the business or in court.
5. Understanding the fundamentals of cyber security: Cyber security and cyber forensics are closely connected topics, and a firm foundation in cybersecurity may help you succeed in cyber forensics.
6. Analytical Skills: To assess proofs, discover patterns, interpret data, and solve crimes, forensic professionals must have strong analytical skills.
7. Desire to learn: The area of cyber forensics is always developing, and forensic hopefuls must be eager to keep up with recent developments.
8. Willingness to take on new challenges: Criminal investigations involving law and order can contain unsettling information and occurrences. Candidates for forensic science must be able to operate in such a demanding atmosphere.
Follow on Instagram https://www.instagram.com/ankurchandrakant/
0 notes
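Steps 1, 2 and 6 of the post above, as an added example that is not part of the original post: it copies a source into an image while hashing, verifies the image against the acquisition hash, and searches the raw image for a keyword in UTF-8 and UTF-16LE, including a hit that straddles a read boundary. The function names, the chunk size and the in-memory sample "drive" are assumptions constructed for illustration; on a real case the source would be a device opened read-only behind a write blocker.

```python
import hashlib
import io

CHUNK = 64 * 1024  # read size in bytes (assumed value, tune for real media)


def acquire(src, dst, chunk=CHUNK):
    """Step 1: copy src to dst block by block, hashing exactly the bytes read."""
    digest = hashlib.sha256()
    copied = 0
    for block in iter(lambda: src.read(chunk), b""):
        digest.update(block)
        dst.write(block)
        copied += len(block)
    return digest.hexdigest(), copied


def verify(acquisition_hash, image, chunk=CHUNK):
    """Step 2: re-read the finished image and compare with the acquisition hash."""
    image.seek(0)
    digest = hashlib.sha256()
    for block in iter(lambda: image.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest() == acquisition_hash


def keyword_hits(image, keywords, chunk=CHUNK):
    """Step 6: find keywords anywhere in the raw image, file system ignored.

    Returns sorted (byte_offset, keyword, encoding) tuples. Each keyword is
    searched as UTF-8 and as UTF-16LE. A tail of the previous block is kept
    so that a keyword split across two reads is still found.
    """
    needles = [(k, enc, k.encode(enc))
               for k in keywords for enc in ("utf-8", "utf-16-le")]
    if not needles:
        return []
    overlap = max(len(raw) for _, _, raw in needles) - 1
    hits = set()          # a set, because the kept tail is scanned twice
    base = 0              # absolute offset of buf[0] inside the image
    buf = b""
    image.seek(0)
    for block in iter(lambda: image.read(chunk), b""):
        buf += block
        for word, enc, raw in needles:
            pos = buf.find(raw)
            while pos != -1:
                hits.add((base + pos, word, enc))
                pos = buf.find(raw, pos + 1)
        keep = buf[-overlap:] if overlap else b""
        base += len(buf) - len(keep)
        buf = keep
    return sorted(hits)


def build_sample_image():
    """Constructed 200 KiB 'drive': zero-filled, with one keyword planted
    across the first read boundary and one UTF-16LE copy further in."""
    image = bytearray(200 * 1024)
    word = "wire transfer"
    first = CHUNK - 5                      # straddles the 64 KiB boundary
    image[first:first + len(word)] = word.encode("utf-8")
    second = 150 * 1024
    wide = word.encode("utf-16-le")
    image[second:second + len(wide)] = wide
    return bytes(image), first, second


if __name__ == "__main__":
    sample, first, second = build_sample_image()
    clone = io.BytesIO()
    sha256, size = acquire(io.BytesIO(sample), clone)
    print("acquired", size, "bytes, sha256", sha256)
    print("clone verifies:", verify(sha256, clone))

    altered = bytearray(clone.getvalue())
    altered[1000] ^= 0x01                  # a single flipped bit
    print("altered clone verifies:", verify(sha256, io.BytesIO(bytes(altered))))

    for offset, word, enc in keyword_hits(clone, ["wire transfer"]):
        print(f"hit at byte {offset}: {word!r} ({enc})")
```

The hash is recorded at acquisition time and checked again before analysis, so any later change to the working copy shows up as a mismatch.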
night-draugr-blog · 7 years
SIM Card Readers Can Only Recover A Tiny Fraction Of The Data Available From A Cell Phone
Once someone realizes that they need to recover essential information that has been deleted from a mobile phone, the very first thing they will do is go to the Web. Unfortunately, if you search for "recover deleted texts" you are most likely to come up with misleading information. Most of the websites you will see will be hawking cheap over-the-counter SIM card readers as the solution to your data recovery problem. These websites actually try to give the impression that a do-it-yourself SIM card reader can recover all of the deleted information from the cell phone.
Sadly, that is just not true. A SIM card reader can only recover the last numbers received and called and the last few text messages. Possibly 10 if you are lucky. In addition, these readers only work with devices that have SIM cards, and that excludes the majority of devices on the market. The worst part of this story is that the overwhelming majority of these inexpensive devices are also SIM card writers and can just as easily delete all of the information from the SIM and wipe it blank. This means that you will need to contact the carrier and get the IMSI (International Mobile Subscriber Identification) and the ICC-ID (worldwide Circuit Card Identifier) in order to clone your SIM and get the device working again.
If you need to recover deleted information from your cell phone, what you really want to do is submit the device to a professional forensic data recovery process. If you do, the evidence can be used in court and the device will be returned to you undamaged and unaltered.
A mobile phone examination is a cutting-edge advantage in legal high-technology intelligence gathering.
An Accreditation Exam Can decode:
- Recover Texting
- Recover SMS Messages
- Thorough Telephone Documents; Dialed/ Received/ Situations/ / / Durations
- Recover Pics & Graphics
- Recover Online Video
- Get Names & Cell Phone Numbers
- Recover Addressbook
- Email Addresses
- Recover Caller-id
- Sext Messages
- Additional Deleted Info
This is much more information than any do-it-yourself SIM card reader can back up from your mobile phone. And a true forensic data recovery can recover many more texts than just the last ten if you get lucky. Don't forget to read the fine print: a SIM card reader will only work with GSM phones where the texts and phone numbers are saved to the SIM card itself. The full forensic data recovery will recover information not only from the SIM but also from the internal memory of the cell phone.
If you are serious about recovering this information and you can't afford to make any mistakes and potentially damage all the data, you need to do the smart thing and avoid SIM card readers at any cost. It is just not worth wasting your time and money while potentially ruining your data.
3 notes · View notes
marymosley · 4 years
Digital Forensics: Applications and Challenges
Digital Forensics
Cyber Crime is a violation of the cyber laws. The crimes committed over a digital platform or via the internet are diverse and complicated. It can be defined as a virtual attack on an individual, group or an organization’s reputation, financial stability, etc. Computers and digital platforms have become ubiquitous in our society, and thus it is very likely that any investigation will involve some form of digital evidence. [1] With the increase in the number and type of digital offences, the demand for digital forensic professionals and tools has increased. It is an emerging field, and as the tools and techniques to counter such crimes and violations develop, cyber criminals come up with more advanced techniques to get away with the crime. Thus, with the ever increasing applicability of this field come various challenges. In this section we will discuss the growing application of Digital Forensics and also the shortcomings and challenges faced.
Application of Digital Forensics
Digital Forensics is a branch of forensic science that deals with digital evidences in solving a crime under the regulations of law. With the wide availability and use of various digital media and devices, and social media there are various branches of digital forensics such as mobile forensics, network forensics, database forensics, email forensics, etc. With increasing digital crime in each branch, digital forensics has wide applicability. 
The major applications of digital forensics are 
Crime Detection- There are various malwares and malicious activities that happen over digital media and networks, such as phishing, spoofing, ransomware, etc. 
Crime Prevention- There are various cyber crimes that happen due to lack of security or existing unknown vulnerabilities, such as zero-day vulnerability. Hence, cyber forensics helps in finding out these vulnerabilities and preventing such crimes from occurring.
Crime Analysis- This is the main application of digital forensics. It involves- [2]
Preservation- This process involves protecting the crime scene and the digital evidence or setup from further manipulation, and photographing and videographing the crime scene for future reference. This process also involves stopping any ongoing command that may be linked to the crime.
Identification- This process involves identifying the digital media and devices that can serve as the potential evidence. 
Extraction- This process involves the imaging of the digital evidence, (to maintain the authenticity of the original evidence), for further analysis. 
Documentation- This involves maintaining the chain of custody and documenting all the evidence collected from the crime scene.
Interpretation- This involves the digital forensic expert making a report about the analysis conducted on the digital evidence using various tools such as FTK (for imaging and mounting of evidence), Sleuth Kit and Autopsy (which analyze disk images and recover files from them), etc., and presenting it in the court of law. The conclusion is based on the evidence collected and on reconstructing data fragments.
Challenges in Digital Forensics
The major challenges faced by digital forensic professionals are the growing number and size of evidence to be analyzed and the cybercriminals being equally equipped with anti-forensic tools to erase that digital evidence or to produce a delay in the digital evidence generation process. 
A few of the current challenges in the field of digital forensics are listed as follows-[3]
Digital Media types- There are various digital devices used these days. The technique used for one specific device cannot be used for some other device because of the different characteristics of each device. Moreover, the digital forensic expert must be equipped with the use of software for analysis and also the device being analysed. 
Online Disks- The large firms store their data on online disks. These generate a huge amount of data on online disks, and thus, imaging of such huge data takes a lot of time and also requires the firm to shut their services until the imaging is complete. 
Anonymity of the IP- This is one of the big challenges to cyber forensics. An IP address allows network identification and location addressing of a device connected to a network. However, an IP address can easily be spoofed by cybercriminals and hence can become a hindrance in locating the address of the device. Similar to IP address spoofing, there is MAC address and email address spoofing as well, which becomes a challenge for the digital forensic expert.
Anti- Digital Forensic- This is used by cybercriminals and also used legitimately by individuals who want to protect their privacy. Anti-digital forensics is a set of techniques and measures used to slow down or incapacitate the process of investigation by manipulating, erasing, or obscuring the data. One of the most commonly used anti-digital forensic techniques is RootKit that has been used by cybercriminals for years to hide the activities of the malicious code.
Testing and Validation- With the cybercriminals getting more equipped, there is always a need to update the software to efficiently analyze the evidences and also provide valid results that can be made admissible in the court of law, like the use of Virtual Machines. It is a forensic investigation tool that allows the investigators to clone the image from the target computer, virtually, but when the image is booted on a machine with different hardware, it installs the missing drivers and thus makes the image a modified one, thus renders it inadmissible in the court of law. [4]
Conclusion
The digitalization and growing use of computers and mobile phones in every household, and the companies linked through networks have increased the crimes happening virtually. Thus, the role of digital forensics comes into play and with the cybercriminals getting more equipped; the challenges faced in this domain of forensic science also increase. This article is a summary of all the key applications and challenges faced in digital forensics. 
References-
[1] Casey Eoghan. Handbook of Digital Forensics and Investigation. London. Elsevier Inc. 2010.
[2] Dr. Naick B. R. Doraswamy, Bachalla Neelima. Application of Digital Forensics in digital libraries. International Journal of Library and Information Science. May–Aug 2016, Volume 5, Issue 2, pp. 89–94.
[3] Wazid, M., Katal, A., Goudar, R. H., & Rao, S. Hacktivism trends, digital forensic tools and challenges: A survey. 2013 IEEE Conference on Information and Communication Technologies. (2013). doi:10.1109/cict.2013.6558078
[4] Solomon G Michael, Rudolph K, Tittel Ed, Broom Neil, Barrett Daine. Computer Forensics Jumpstart. Canada. Wiley Publishing Inc. 2011.
  Author:
Zoya Kalim, M.Sc Forensic Science.
Zoya is from West Bengal. She has worked around various fields of Forensic Science. She has multiple certifications in cyber forensics and internship experience in Medico-Legal and DNA department from Forensic Science laboratory, Lucknow, Uttar Pradesh. She gained some experience in Crime Scene Investigations while training under Delhi Police. She aspires to grow and develop in the field of cyber forensics.
The post Digital Forensics: Applications and Challenges appeared first on Legal Desire.
Digital Forensics: Applications and Challenges published first on https://immigrationlawyerto.tumblr.com/
0 notes
Lost Memories - Data Recovery
DATA RECOVERY SERVICES RECOVER DELETED FILES
At Lost Memories – Data Recovery Services we utilise the latest advanced Digital Forensic techniques in order to recover deleted files and rescue your irreplaceable digital memories. This experience has been gained from assisting UK Police Forces with these services for over 10 years. Fair prices (Pricing starts at just £72), superior recovery techniques, confidentiality and exceptional customer service are guaranteed when you work with us. We are able to assist either on site or at our flagship laboratory – Data Recovery Stoke-on-Trent. Free Evaluation | No Data, No Charge Get in Touch Now for Free and Responsive Advice
Mobile Phone Data Recovery Services
Our Mobile Phone Data Recovery Services are one of our most commonly requested technical offerings. Be it so we can carry out the recovery of deleted photographs from mobile phones, to water damaged or smashed and unresponsive devices (phones & tablets). Every single mobile phone data recovery submission is treated on a case by case basis no matter if it's an iPhone, Samsung, Huawei or even an uncommon UK brand, as no one phone is identical. Submit your mobile phone handset for a free of charge assessment.
Computer Data Recovery Services
Our Computer Data Recovery Services can involve the  submission and subsequent recovery of deleted data for a variety of computer styles such as a PC, workstation, tower, laptop or Apple Mac Device for our Computer Data Recovery Services. For the more technically savvy user of our data recovery services, if viable the internal Hard Disk Drive can be sent in for our Hard Drive Data Recovery Services. The quantity of data saved daily to our computers, means it's disastrous if the worst should happen and there is no backup of the data required. If you are using an external hard drive and it has suddenly become unreadable, unrecognised or clicking, then all is not lost as our experts can carry out Hard Drive Repair Services in order to get the hard drive into a working condition in order to clone the data, recover any deleted files if required and have it ready for prompt return. Submit your computer or hard drive for a free of charge assessment.
Memory Card Data Recovery Services
Our Memory Card Data Recovery Services are used on a daily basis by both private clients and businesses alike. Often they are submitted for our Memory Card Data Recovery Services following the corruption or accidental deletion of family, wedding or children's photographs from a digital camera, with it being the only copy. The errors that can cause data loss or loss of access from a memory card can be either software or hardware based; no matter the problems encountered we will be able to assist and advise. Even physically damaged Micro SD, SD, CF Memory cards that have been damaged or snapped can on occasion be fully recovered. Submit your memory card for a free of charge data recovery assessment.
0 notes
lbcybersecurity · 7 years
Daphne Caruana Galizia's Murder and the Security of WhatsApp
Daphne Caruana Galizia was a Maltese journalist whose anti-corruption investigations exposed powerful people. She was murdered in October by a car bomb.
Galizia used WhatsApp to communicate securely with her sources. Now that she is dead, the Maltese police want to break into her phone or the app, and find out who those sources were.
One journalist reports:
Part of Daphne's destroyed smart phone was elevated from the scene.
Investigators say that Caruana Galizia had not taken her laptop with her on that particular trip. If she had done so, the forensic experts would have found evidence on the ground.
Her mobile phone is also being examined, as can be seen from her WhatsApp profile, which has registered activity since the murder. But it is understood that the data is safe.
Sources close to the newsroom said that as part of the investigation her sim card has been cloned. This is done with the help of mobile service providers in similar cases. Asked if her WhatsApp messages or any other messages that were stored in her phone will be retrieved, the source said that since the messaging application is encrypted, the messages cannot be seen. Therefore it is unlikely that any data can be retrieved.
I am less optimistic than that reporter. The FBI is providing "specific assistance." The article doesn't explain that, but I would not be surprised if they were helping crack the phone.
It will be interesting to see if WhatsApp's security survives this. My guess is that it depends on how much of the phone was recovered from the bombed car.
0 notes
foxtrooth · 7 years
Fox's Open Source Intelligence Index
This is an ongoing work in progress, but hopefully a helpful list of resources that private investigators as well as the general public can use in their investigations. For anyone that needs specialized experience or needs access to information not found in these sources, please do not hesitate to contact Fox Investigations by filling out a form on the home page or contacting us at [email protected]
This list is updated as of 20 Jan 2017.  PLEASE LEAVE SUGGESTIONS IN COMMENTS SECTION!
THANK YOU!
 General Search Engines
Ask
Bing
Cluuz
Deeperweb
Dogpile
DuckDuckGo (doesn’t track users)
Exalead
Google
Gigablast
Ixquick
Mozbot
Oscobo (UK-based, doesn’t track users)
Peeplo
Qwant (doesn’t track users)
Soovle
Sputtr
StartPage (Google search, doesn’t track users)
Yahoo
Yandex
Yippy
Searching People
Black Book Online (public records)
Canada411
Intellius
MarketVisual
Peekyou
Phonebook of the World
Pipl
Public Records
Rootsweb
Snitch.name (username search)
Spokeo
UserSearch
Webmii
Zaba Search
ZoomInfo
 Searching Social Media and Dating Sites
AshleyMadison
Bebo
Blogspot
Classmates
Facebook
Flickr
Google Plus
Hi5
Instagram
LinkedIn
Match.com
Meetup
MyLife-Reunion
MySpace
Ourtime
Pinterest
ReverbNation
Social Mention
Sportstats
Tagged
Trendsmap
Twitter
Wayn
Websta
WordPress
YikYak
YouNow
YouTube
Searching Images and Video
 Flickr
Instagram
Photobucket
SmugMug
TinEye
Webshots
YouTube
What is TinEye?
Online Communities and Blogs
Angelfire
Blogdigger
Boardreader
Deviantart
Domain Tools
eWhois
Flixter
Google Groups
Icerocket
IMDB
Nexopia
Omgili
Reddit
Tumblr
TypePad
Who.is
WordPress
Xanga
Yahoo Groups
Classified Listings
Amazon
Craigslist
Ebay
Hot Frog
Kijiji
Manta
PicClick
SaleSpider
Used.ca
Background Checks
Accurint
BRBPublications
CourtLink
LexisNexis
LittleSis
PACER
Tracers
US Tax Court
Business Search Sites
Better Business Bureau
BizNar
Bloomberg Businessweek
Central and Eastern European Business Directory
Corporate Information
Dun & Bradstreet
Guidestar
Hoovers
Industry Canada
Mint Business Information
Open Corporates
SEC
SEC Company Search
Specialized and Deep Web Searches
Airbnb
Athlinks
DomainTools
Earthcam
Fold3 (military records) 
4chansearch (search at your own risk)
Global Terrorism Database
Human Trafficking
Internet Archive (same as Wayback Machine)
Ipaddresslocator
Snopes
Pageglimpse
Public Records
Wayback Machine
Whatismyipaddress
Webboar
Whoisology
GeoLocation Searches
Creepy
Echosec (Social Media search by location)
Google Maps APRS
IP Location
 Digital Forensics
Digital Forensics Framework
Digital Forensics Framework is another popular platform dedicated to digital forensics. The tool is open source and comes under GPL License. It can be used either by professionals or non-experts without any trouble. It can be used for digital chain of custody, to access remote or local devices, forensics of Windows or Linux OS, recovery of hidden or deleted files, quick search for files’ metadata, and various other things.
Download: http://www.digital-forensic.org/
Open Computer Forensics Architecture
Open Computer Forensics Architecture (OCFA) is another popular distributed open-source computer forensics framework. This framework was built on Linux platform and uses postgreSQL database for storing data.
It was built by the Dutch National Police Agency for automating digital forensics process. It is available to download under GPL license.
Download: http://sourceforge.net/projects/ocfa/
 CAINE
CAINE (Computer Aided Investigative Environment) is the Linux distro created for digital forensics. It offers an environment to integrate existing software tools as software modules in a user friendly manner. This tool is open source.
Read More about it: http://www.caine-live.net/
X-Ways Forensics
X-Ways Forensics is an advanced platform for digital forensics examiners. It runs on all available version of Windows. It claims to not be very resource hungry and to work efficiently. If we talk about the features, find the key features in the list below:
Disk imaging and cloning
Ability to read file system structures inside various image files
It supports most of the file systems including FAT12, FAT16, FAT32, exFAT, TFAT, NTFS, Ext2, Ext3, Ext4, Next3®, CDFS/ISO9660/Joliet, UDF
Automatic detection of deleted or lost hard disk partition
Various data recovery techniques and powerful file carving
Bulk hash calculation
Viewing and editing binary data structures using templates
Easy detection of and access NTFS ADS
Well maintained file header
Automated activity logging
Data authenticity
Complete case management
Memory and RAM analysis
Gallery view for pictures
Internal viewer for Windows registry file
Automated registry report
Extracts metadata from various file types
Ability to extract emails from various available email clients.
And many more..
You can read the full list here: http://www.x-ways.net/forensics/
SANS Investigative Forensics Toolkit – SIFT
SANS Investigative Forensics Toolkit or SIFT is a multi-purpose forensic operating system which comes with all the necessary tools used in the digital forensic process. It is built on Ubuntu with many tools related to digital forensics. Earlier this year, SIFT 3.0 was released. It comes free of charge and contains free open-source forensic tools.
In a previous post at resource.infosecinstitute.com, we already covered SIFT in detail. You can read those posts about SIFT to know more about this digital forensics platform.
Download: http://digital-forensics.sans.org/community/downloads
EnCase
EnCase is another popular multi-purpose forensic platform with many nice tools for several areas of the digital forensic process. This tool can rapidly gather data from various devices and unearth potential evidence. It also produces a report based on the evidence.
This tool does not come for free. The license costs $995.
Read more about EnCase: https://www.guidancesoftware.com/products/Pages/encase-forensic/overview.aspx
Registry Recon
Registry Recon is a popular registry analysis tool. It extracts the registry information from the evidence and then rebuilds the registry representation. It can rebuild registries from both current and previous Windows installations.
It is not a free tool. It costs $399.
Read more about it: http://arsenalrecon.com/apps/recon/
The Sleuth Kit
The Sleuth Kit is a Unix and Windows based tool which helps in forensic analysis of computers. It comes with various tools which helps in digital forensics. These tools help in analyzing disk images, performing in-depth analysis of file systems, and various other things.
Read more about it here: http://www.sleuthkit.org/
Libforensics
Libforensics is a library for developing digital forensics applications. It was developed in Python and comes with various demo tools to extract information from various types of evidence.
Read more here: http://code.google.com/p/libforensics/
Volatility
Volatility is the memory forensics framework. It is used for incident response and malware analysis. With this tool, you can extract information from running processes, network sockets, network connections, DLLs and registry hives. It also has support for extracting information from Windows crash dump files and hibernation files. This tool is available for free under GPL license.
Read more about the tool: http://code.google.com/p/volatility/
WindowsSCOPE
WindowsSCOPE is another memory forensics and reverse engineering tool used for analyzing volatile memory. It is basically used for reverse engineering of malwares. It provides the capability of analyzing the Windows kernel, drivers, DLLs, virtual and physical memory.
Read more: http://www.windowsscope.com/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=35&category_id=3&option=com_virtuemart
The Coroner’s Toolkit
The Coroner’s Toolkit or TCT is also a good digital forensic analysis tool. It runs under several Unix-related operating systems. It can be used to aid analysis of computer disasters and data recovery.
Read more: http://www.porcupine.org/forensics/tct.html
Oxygen Forensic Suite
Oxygen Forensic Suite is a nice software to gather evidence from a mobile phone to support your case. This tool helps in gathering device information (including manufacturer, OS, IMEI number, serial number), contacts, messages (emails, SMS, MMS), recover deleted messages, call logs and calendar information. It also lets you access and analyze mobile device data and documents. It generates easy to understand reports for better understanding.
More information here: http://www.oxygen-forensic.com/en/features
Bulk Extractor
Bulk Extractor is also an important and popular digital forensics tool. It scans the disk images, file or directory of files to extract useful information. In this process, it ignores the file system structure, so it is faster than other available similar kinds of tools. It is basically used by intelligence and law enforcement agencies in solving cyber crimes.
Download it here: http://digitalcorpora.org/downloads/bulk_extractor/
Xplico
Xplico is an open source network forensic analysis tool. It is basically used to extract useful data from applications which use Internet and network protocols. It supports most of the popular protocols including HTTP, IMAP, POP, SMTP, SIP, TCP, UDP, TCP and others. Output data of the tool is stored in an SQLite database or a MySQL database. It also supports both IPv4 and IPv6.
Read more about this tool here: http://www.xplico.org/about
Mandiant RedLine
Mandiant RedLine is a popular tool for memory and file analysis. It collects information about running processes on a host, drivers from memory and gathers other data like meta data, registry data, tasks, services, network information and Internet history to build a proper report.
Read more here: https://www.mandiant.com/resources/download/redline
Computer Online Forensic Evidence Extractor (COFEE)
Computer Online Forensic Evidence Extractor or COFEE is a tool kit developed for computer forensic experts. This tool was developed by Microsoft to gather evidence from Windows systems. It can be installed on a USB pen drive or external hard disk. Just plug in the USB device in the target computer and it starts a live analysis. It comes with 150 different tools with a GUI based interface to command the tools. It is fast and can perform the whole analysis in as few as 20 minutes. To law enforcement agencies, Microsoft provides free technical support for the tool.
Official website: https://cofee.nw3c.org/
P2 eXplorer
P2 eXplorer is a forensic image mounting tool which aims to help investigating officers with the examination of a case. With this tool, you can mount forensic images as a read-only local and physical disc and then explore the contents of the image with file explorer. You can easily view deleted data and unallocated space of the image.
It can mount several images at a time. It supports most of the image formats including EnCase, SafeBack, PFR, FTK DD, WinImage, Raw images from Linux DD, and VMware images. It supports both logical and physical image types.
This tool comes for $199, but you can grab the limited feature version of the tool for free.
Read more here: https://www.paraben.com/p2-explorer.html
PlainSight
PlainSight is another useful digital forensics tool. It is a CD-based Knoppix, which is a Linux distribution. Some of its uses include viewing Internet histories, data carving, checking USB device usage, memory dumps, extracting password hashes, information gathering, examining Windows firewall configuration, seeing recent documents, and other useful tasks. To use this tool, you only need to boot from the CD and then follow the instructions.
This tool is available for free.
Read more here: http://www.plainsight.info/index.html
XRY
XRY is the mobile forensics tool developed by Micro Systemation. It is used to analyze and recover crucial information from mobile devices. This tool comes with a hardware device and software. The hardware connects mobile phones to a PC, and the software performs the analysis of the device and extracts data. It is designed to recover data for forensic analysis.
The latest version of the tool can recover data from all kinds of smartphones including Android, iPhone and BlackBerry. It gathers deleted data like call records, images, SMS and text messages.
Read more about it: http://www.msab.com/xry/what-is-xry
HELIX3
HELIX3 is a live CD-based digital forensic suite created to be used in incident response. It comes with many open source digital forensics tools including hex editors, data carving and password cracking tools. If you want the free version, you can go for Helix3 2009R1. After this release, this project was taken over by a commercial vendor, so you need to pay for the most recent version of the tool.
This tool can collect data from physical memory, network connections, user accounts, executing processes and services, scheduled jobs, Windows Registry, chat logs, screen captures, SAM files, applications, drivers, environment variables and Internet history. Then it analyzes and reviews the data to generate the compiled results based on reports.
Helix3 2008R1 can be downloaded here: https://e-fenseinc.sharefile.com/d/sda4309a624d48b88
The enterprise version is available here: http://www.e-fense.com/h3-enterprise.php
 Cellebrite UFED
Cellebrite’s UFED solutions present a unified workflow to allow examiners, investigators and first responders to collect, protect and act decisively on mobile data with the speed and accuracy a situation demands – without ever compromising one for the other. The UFED Pro Series is designed for forensic examiners and investigators who require the most comprehensive, up-to-date mobile data extraction and decoding support available to handle the influx of new data sources. Platform agnostic, the UFED Field Series is designed to unify workflows between the field and lab, making it possible to view, access and share mobile data via in-car workstations, laptops, tablets or a secure, self-service kiosk located at a station.
More information here:
Financial and Government Regulatory
 Investment Adviser Search: Information about current and certain former Investment Adviser Representatives, Investment Adviser firms registered with the SEC and/or state securities regulators.
 FINRA Broker Check: Provides information on the background of registered investment professionals.
 FINRA Arbitration & Mediation: Records on arbitration and mediation awards for FINRA Cases.
 North American Securities Administrators Association: Links to all 50 state securities regulators
 National Futures Association: Self-regulatory body for the U.S. Futures Industry
U.S. Securities and Exchange Commission: Regulatory body for the investment industry, protecting individuals' interests
 Governmentattic: Provides electronic copies of thousands of interesting Federal Government documents obtained under the Freedom of Information Act.
 U.S. Department of Treasury: Specially Designated Nationals and Blocked Persons List
 Bureau of Industry and Security – U.S. Department of Commerce: Denied persons list
System for Award Management: Access to information for federal government awarded contracts and contractors, among other things.
 US Department of Labor Whistleblower Search: Search for a whistleblower complaint
 New York Specific Links
 New York City Department of Finance – Office of the City Register: Property records for the five boroughs of New York City.
 New York City Property: Provides up to date tax information for properties in the five boroughs of New York City.
 New York State – Department of State Division of Corporations, State Records and UCC: Search for New York State business and not-for-profit corporations, limited partnerships, limited liability companies and limited liability partnerships, as well as other miscellaneous businesses.
 New York State Campaign Financial Disclosure: New York State political contribution records.
 The New York City Campaign Finance Board: New York City campaign contribution records.
 The New York Unified Court System (UCS): Access to eCourts, which provides access to information on future court appearances in New York and limited historical cases.
New York State Supreme Court and the County Clerk of New York: Online access to County of New York Supreme Court cases.
Westchester County Clerk ($): Access to legal records and land records for Westchester County, New York.
New York Attorney Search: Verify the license of a New York attorney
New York Professional License Search: Search for professional licenses in the State of New York, like doctors, accountants and architects.
New York Department of State, Division of Licensing Services: Search for other professional licenses including notary public, security guard and private investigator.
New York Real Estate License Search: New York real estate licenses
 New York Inmate Locator: Searches New York State Department of Correction records.
State Criminal Record Checks
 Colorado Bureau of Investigation (CBI), Computerized Criminal History (CCH) ($)
Connecticut Department of Public Safety ($)
Florida Department of Law Enforcement (FDLE) Criminal History  ($)
 Georgia Felon Search ($)
 Hawaii Criminal Justice Data Center ($)
 Idaho State Police Bureau of Criminal Identification (BCI) ($)
Illinois State Police ($)
 Indiana State Police Limited Criminal History Search ($)
 Kansas Bureau of Investigation, Criminal History Record Check ($)
 Kentucky Court of Justice, Administrative Office of the courts ($)
 Maine Criminal History Record ($)
Massachusetts Department of Criminal Justice Information Services (DCJIS), Criminal Offender Record Information (iCori) ($)
 Michigan State Police Internet Criminal History Access Tool (ICHAT) ($)
 Missouri Automated Criminal History Site (MACHS) ($)
Montana Department of Justice Division of Criminal Investigation ($)
Nebraska State Patrol Criminal Identification Division (CID) ($)
New York State Office of Court Administration criminal record search ($)
 Oklahoma State Bureau of Investigation ($)
 Oregon Open Records ($)
South Carolina Law Enforcement Division (SLED), Citizens Access to Criminal Histories (CATCH) ($)
Tennessee Bureau of Investigation Open Records Information Services (TORIS) ($)
Texas Department of Public Safety Computerized Criminal History System (CCH) ($)
Vermont Criminal Information Center Department of Public Safety Division of Criminal Justice Services ($)
Washington Access To Criminal History ($)