OSForensics is a computer forensics package that can help you locate and analyze the enormous amount of digital evidence that may be available on a computer system. It normally used to discover exactly what someone’s been doing on their PC. So for instance you can quickly view the documents they’ve been opening, the web sites they’ve visited, the USB devices they’ve connected and any network shares they’ve used.
It’s possible to run text searches of any emails found on a system, from within the program. And you can even see what’s inside a computer’s memory at the moment, perhaps helping you to recover user names, passwords or other information that wouldn’t normally be visible.
[advt]The clever Mismatch File Search option will scan your hard drive, checking file contents and alerting you when they don’t match the extension (a .EXE file has been renamed as a .JPG, say). This could let you know if malware (or maybe another user of your PC) is trying to hide particular files.
There’s support for Hash Matching, a technique that helps you quickly identify changed Windows, Microsoft Office or other files, again useful if you’re looking for malware. And if you install OSForensics to a USB flash drive then you can take the program anywhere, and use it on PCs without leaving any significant trace.
Be the first to comment