OSForensics 3.0.1001

4.2 out of 5 stars 4.2 (17 votes)

()

Windows 7/Vista/XP / Freeware / 3,090 downloads

OSForensics will allow you to extract forensic data from computers, quicker and easier than ever. Uncover everything hidden inside a PC. Discover relevant forensic data faster with high performance file searches and indexing. Restore deleted files. Identify suspicious files and activity with hash matching, drive signature comparisons, and look into e-mails, memory, and binary data. Manage your digital investigation. Organize information and create reports about collected forensic data.

  • Homepage

    OSForensics

  • Latest Changes

    - Case Management ?Images/drives without valid partition/file system info (ie. boot sector) can now be added to the case. This allows the drive to be viewable using the Raw Disk Viewer

    - File Indexing ?Added support for indexing extracted binary text from "hiberfil.sys" and "pagefile.sys" (not limited by max file size limit)

    - Fixed stemming problems during indexing

    - Fixed bug with updating indexing status causing small indexing jobs to report no files being indexed

    - Fixed bugs with identifying misnamed ZIP files during indexing

    - Updated Engine/CGIs to V7 build 1008

Reviews of OSForensics

  1. 5 out of 5 stars
    -Lord-

    Reviewing 2.1.1000 (Aug 12, 2013)

    Pretty interesting. Has a serious learning curve attached to it. Don't expect to be a CSI right out of the gate. Compared to enCase, this has a nicer interface, and has the same challenge to learning where everything is, and how it all ties together. Haven't completed a full case in this one yet, but so far it's worked decently. Get it and try it. Certainly useful for any Information Assurance students.

    Also sets itself as transportable which is ridiculously useful. I'll give it a 5 because it all comes together well.

  2. 4 out of 5 stars
    Music4Ever

    Reviewing 2.0.1001 (Feb 4, 2013)

    Most interesting +

  3. 3 out of 5 stars
    some guy

    Reviewing 1.2.1003 (Oct 7, 2012)

    wholemkt9 go fu*** your self!

Discuss OSForensics