Home      Order overview      Newsletter      Authors      About      Contact

 

BTSoftware BV

Software
Registration

 



  Desktop Tools

  File Managers

  Editors

  Utilities

  HTML/XML

  Email

  PDF Tools

  FTP

  Browsers

  Remote & Telnet

  Network Tools

  Internet

  Graphics

  Multi Media

  Flash

  Security

  Recovery

  Compression

  Disk/Backup

  System Tools

  Maintenance

  Databases

  Education

  Administration

  Development

  PDA/SmartPhone

  Linux

  Mac

  Java

  Games

 

Buy / Order

Pricing

Download

Version: 8.4

Date: 10-2017

Evidence Center 2018

http://belkasoft.com/ec

Belkasoft Evidence Center is an all-in-one forensic solution for acquiring, locating, extracting, and analyzing digital evidence stored inside computers and mobile devices.

Belkasoft Evidence Center makes it easy for an investigator to acquire, search, analyze, store and share digital evidence found inside computer and mobile devices. The toolkit will quickly extract digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, JTAG and chip-off dumps. Evidence Center will automatically analyze the data source and lay out the most forensically important artifacts for investigator to review, examine more closely or add to report.

Evidence Center features

  • Fully automated acquisition, extraction and analysis of 700+ types of evidence
  • Destroyed and hidden evidence recovery via data carving
  • Live RAM analysis
  • Cloud data downloading and analysis
  • Advanced low level expertise
  • Concise and adjustable reports, accepted by courts

Types of evidence supported by Evidence Center

  • Office documents
  • Email clients
  • Pictures and videos
  • Mobile application data
  • Web browser histories, cookies, cache, passwords, etc.
  • Chats and instant messenger histories
  • Social networks and cloud services
  • System files, including jumplists, thumbnails and event logs
  • Encrypted files and volumes
  • Registry files
  • SQLite databases
  • Peer-to-peer software
  • Plist files
  • Geolocation data
  • Payment systems

Types of analysis performed by Evidence Center

  • Existing files search and analysis. Low-level investigation using Hex Viewer
  • Data carving and destroyed evidence recovery
  • Live RAM analysis including process extraction and data visualization
  • Cloud data analysis (iCloud, Google Drive, Google Plus)
  • In-depth Volume Shadow Copy support
  • Hibernation file (hiberfil.sys) and page file (pagefile.sys) analysis
  • Native SQLite analysis with freelist and WAL support
  • Discovers deleted SQLite records, e.g. Skype conversations or WhatsApp messages
  • Picture analysis including EXIF and GPS analysis, face/test/pornography/forgery detection
  • Video key frame extraction
  • Analysis of social communications with Social Graph Builder module
  • Encryption detection
  • Special files and folders analysis (e.g. Volume Shadow Copy, $OrphanFiles, $MFT etc.)
  • Hashset analysis
  • Flexible analysis with BelkaScript, free scripting module
  • Advanced search and data filtering, more than 20 types of predefined search (card and telephone numbers, names, suspicions words, etc.)

Evidence Center works with the following data sources and file systems

  • Storage devices - Hard drives and removable media
  • Disk images - EnCase (including Ex01), L01/Lx01, FTK, DD, Smart, X-Ways, Atola, DMG
  • Mobile devices - Mobile backups, UFED dumps, chip-off and JTAG dumps
  • Virtual machines - VMWare, Virtual PC, VirtualBox, XenServer.
  • Volatile memory - Life RAM dumps; fragmented memory set analysis with BelkaCarving
  • Memory files - Hibernation file and Page file
  • Unallocated space - Data carving discovers destroyed evidence
  • Network traffic - PCAP files
  • File systems - FAT, exFAT, NTFS, HFS, HFS+, ext2, ext3, ext4, YAFFS , YAFFS2

What's New in Version 8.5

  • Support for Android 7.0 and other mobile acquisition and analysis features
  • A pack of enhancements in Live Memory analysis (Windows 10 memory dumps support, process extraction and visualization)
  • Newly appeared possibility to detect malware
  • Better support for Outlook PST and OST files, allowing to process multi-gigabyte mailboxes
  • Support for a number of popular crypto currencies
  • A lot of new apps/updated app analyzed out of the box

Evidence Center helps investigate the following systems

  • Windows (all versions, including Windows 10)
  • Mac OS X
  • Unix-based systems (Linux, FreeBSD, etc.)
  • iOS: iPhone, iPad
  • Android
  • Windows Phone 8/8.1
  • Blackberry

Please contact BTSoftware for pricing

Trial Download

Price information

Trial Download Request

Select Product / License Count / Delivery type

USD

EUR

GBP

Pricing is based on prepayment and excluding VAT / BTW / MwSt / TVA.

Please contact BTSoftware for pricing

To send in an order at BTSoftware,
please enable Javascript in your browser.

Buy / Order

Last updated : 12-01-2018

News:

Perdemia Permission Analyzer available

Reports NTFS permissions

Permission Analyzer jproduct page

Napsys software available through BTSoftware

You can purchase Napsys software through BTSoftware from now on

CopyFlow product page

BTSoftware BV is now official partner of EM Software

BTSoftware BV and EM Software are now partner

BTSoftware BV has partnered with Devart

BTSoftware BV and Devart announce their official partnership.

More ...