From ForensicsWiki
Revision as of 18:00, 26 March 2006 by Uwe Hermann (Talk | contribs)

Jump to: navigation, search

Paraben offers a wide variety of tools for analyzing disk drives and portable devices like cell phones and PDAs.


File Systems Understood

  • Major Windows formats
  • RAW format

Email Examiner

Their tool for searching email ("Email Examiner") can pull apart these files:

  • Outlook (PST)
  • Outlook Express (DBX)
  • AOL 6,7,8,9 (PFC)
  • MBox
  • Eudora
  • Mozilla Mail
  • Fox Mail
  • Juno
  • Calypso
  • MSN Mail
  • USENET newsgroups

File Search Facilities

Historical Reconstruction

Can it build timelines and search by creation date?

Searching Abilities

  • With "Text Searcher". Offers complex queries and searching of slack space.
  • Comes with an index building wizard.

Hash Databases

Can it create hashes of files and/or blocks? Can it compare these hash values to any databases? What sort of hash functions does it use?

Evidence Collection Features

  • Offers a feature called "Case Agent Companion v1.0" for tracking what the case agent does.


License Notes


External Links

External Reviews