Product Origin:
China1. One-Click Forensic
Forensics Master is the most easy-to-use forensic analysis software. Investigators can acquire common artifacts from source drive by a three-step operation (Create Case->Add Source->OneKey Forensic).
• System Artifacts: Automatically parse Windows system information, involving OS, network configuration, installed application, services, etc.
• Application Artifacts: Search and acquire application artifacts automatically, including Windows Prefetch, registry UserAssist (ROT13 decryption),Windows search items, thumbnail artifact, printer artifacts (SPL), etc.
• USB Artifacts: Analyze system and application program artifacts; acquire USB usage records.
• Recycle Bin Artifacts: Extract user artifacts and deleted files in the Recycle Bin.
• Web Browser Artifacts: Acquire web history from Internet Explorer, Google Chrome, FireFox, 360, Maxthon, Opera, and other Internet browsers.
• Instant Messaging Artifacts: Load chat logs of Yahoo, Skype, MSN, and other IM programs without password.
• E-Mail Artifacts: Parse Outlook Express(DBX), Office Outlook(PST) and Foxmail (IND,BOX) and e EML compound files; recover deleted items from Outlook Express (DBX) and Foxmail (BOX).
• Anti-Forensic Detection: Search for anti-forensic applications and encryption applications (executable files),including Steganography tools, common encrypted files (Zip,Office, RAR, PDF,etc.) and containers (Private Disk, TrueCrypt, PGP Disk).
2. File System and Image Format Supported
• Disks: Support static disk, dynamic disk, MBR & GPT partitioned disks.
• File system: Support FAT12, FAT16, FAT32, exFAT, NTFS, CDFS, UDF, Ext2/3/4, HFSX/HFS+ file system; recover deleted files from FAT, NTFS, Ext2, and HFSX/HFS+ file system.
• Image Format: Acquire evidence to E01, DD, 001, and L01 image files; support VHD, VMDK, ISO, and AFF virtual machine disk image files.
3. File View Files
• Support fast view file especially pictures
4. Other Features
• Simple keyword search, support most common codepages. Support fragmented email keyword searching (automatic keyword base64 conversion) and regular expression (like GREP).
• Support signature-based file recovery, formatted partition data recovery (like EnCase –Recover Folders) including FAT,NTFS,exFAT file system.
• Support video frame division,including AVI, WMV,ASF,RM,RMVB,etc.
• Parse Windows Event Logs and IIS logs.
• Verify file signatures and search for suspect files automatically.
• MD5, SHA-1, SHA-2 hashing for whole drive or single files.
• Perform forensic analysis in unallocated clusters, Pagefile.sys, and Hiberfil.sys.
• Generate analysis reports automatically.
Critical evidences are hidden under surveillance video. However, formatting, over written or system crash causes data losing. Recovery Master supports to recover data that was lost on surveillance video, in addition to recovery of various formats of data. Such as data from computer, cellphone.
A portable and highly-integrated computer forensics equipment. High performance such as disk duplication rate up to 39GB/min. Customizable forensics workflows of disk duplication, analysis and OS emulation.
Enable disk duplication, imaging OS emulation, data recovery and analysis. Help investigator to duplicate large amounts of data in a short time. Bundled with forensics analysis software.
A password recovery solution with a combination of software and hardware. Unprotect disks and systems, decrypt files and documents. Easy to use and with the fastest numeration speed and the most extensibility.
A multi-task clone device which can complete disk-to-disk & disk-to-image duplication. Support hash verification, data wiping, image-to-disk recovery and 3-to-3 disk duplication.
Hardware-level write-blockers to secure forensically sound and fast digital investigation on various storage media. Compatible with forensic acquisition and analysis software. Plug & play without extra power supply.
Data-destroying devices for various storage media. It allows concurrent data destruction by 12 channels of storage media.
One of the fastest acquisition devices with parallel acquisition technology, which can speed up to 50 GB/min. Designed for online/offline data acquisition from irremovable storages like servers, laptops, pads and all-in-one computers by four transfer channels.
【MEDAS】Mass Email Deep Analysis System
wheelbase :738mm Expand size :580*590*188mm Folding size :342*194*118mm Maximum horizontal flight speed :44km/h Maximum Mission Load :1.5kg Maximum takeoff weight :7.5kg Battery life :20 minutes (load 1.5kg) Communication distance :10km
The Watch UAV is a device that integrates detection and countermeasures. It can be flexibly deployed in key control areas to achieve 7×24 hours of automatic detection and countermeasures against drones (detection radius 3km, countermeasure radius 1km). It supports blacklist and whitelist settings, defense zone settings, precise countermeasures, etc. It can quickly locate the position of the drone and the pilot by analyzing the drone signal. It can also interfere with the drone signal to make it land or return.
Grid control solution for urban low-altitude drone
