Designed for forensics professionals
who must recover digital evidence from computers, smartphones
, an IEF Search finds hundreds of digital forensic artifacts by parsing and carving data from allocated and unallocated space.
FIND INTERNET ARTIFACTS:
Recover evidence from 265+ types of Internet Artifacts from Windows and Mac computers
- Social networking applications like Facebook and Twitter
- Webmail applications like Gmail and Hotmail/Outlook.com
- Instant messenger & chat applications like GoogleTalk and iChat
- P2P File Sharing Applications like Ares and eMule
- Cloud Based Services like Dropbox and Flickr
- Web browser activity from Internet Explorer, Chrome, Safari and others
- Refined browsing results like rebuilt webpages and Google Maps queries
- Pictures and videos with EXIF data
- Web video recovery from applications like Chatroulette and YapChat
- Mobile Backups from iOS smartphones
- Usenet Files from applications like Xnews and Grabit
- Mapping queries from Google Maps and Bing Maps
- Search Toolbar activity from Google and Bing
FIND BUSINESS APPLICATIONS & OS ARTIFACTS:
Recover evidence from 58 types of Business Applications & OS Artifacts from Windows and Mac computers
- Corporate Email and Instant Messaging artifacts including Outlook OST & PST files, mbox email archives, and Microsoft Lync/OCS IM
- Document files including .pdf, .doc, .docx, .xls, .xlsx, .ppt, .pptx
- Windows Operating System artifacts including user accounts, USB device history, lnk files, prefetch files, shellbags, jumplists, event logs and others
FIND MOBILE ARTIFACTS:
- Native Mobile OS Applications, including:
- Pictures and Video
- Phone Call Logs
- 3rd Party Mobile Applications, including:
- Chat Applications like WhatsApp, Kik Messenger and Snapchat
- Social Networking Applications like Facebook and Twitter
- Cloud Applications like Dropbox
- Unknown and/or Obscure Chat Applications:
- Our Dynamic App Finder searches for any potential mobile chat app databases on mobile images or file dumps, then identifies the app name, and maps the four key fields to interpret results from most chat apps: sender, receiver, date/time and message
Search results are organized in IEF Report Viewer, where they can be analyzed by a digital forensics professional to identify the evidence that is most important to a case.
IEF SEARCH RESULTS CAN BE ANALYZED QUICKLY & EFFICIENTLY USING OUR BUILT-IN ANALYSIS TOOLS, SO YOU CAN GET TO CRITICAL EVIDENCE FAST:
- Use Keyword Searches, Filters and Bookmarks to identify important evidence.
- Rebuild Webpages: View webpages in their original format as they were seen by the user.
Mapping: Plot geo-location data on a world map to identify physical locations.
Timeline: View artifacts graphed in a chronological sequence to observe overall activity patterns, and drill-down to isolate artifacts from a specific time period.
Picture Analysis: Identify and categorize images recovered by an IEF search with built-in picture and analysis tools:
- Refine results using skin tone filters
- View PhotoDNA, MD5 and SHA-1 hashes for recovered files
- Import hash values from Project Vic or custom hash databases to quickly identify and categorize illicit images