Belkasoft Evidence Center

From ForensicsWiki
Jump to: navigation, search
Belkasoft Evidence Center
Maintainer: Belkasoft
OS: Windows
Genre: Analysis
License: Commercial
Website: https://belkasoft.com/ec

The Belkasoft Evidence Center is a commercial forensic solution for acquiring, locating, extracting, and analyzing digital evidence stored inside computers and mobile devices.

The toolkit extracts digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, OFB, JTAG and chip-off dumps. Discovers 800+ types of artifacts, including 200+ mobile applications, major document formats, browsers, email clients, a hundred of picture and video formats, instant messengers, social networks, system and registry files, P2P and file transfer tools, etc.

Extracts data from the following operating systems: Windows (all versions), Linux, macOS, iOS, Android, Windows Phone, Blackberry.

Features

  • Acquisition of hard and removable drives, smart devices, RAM memory and cloud accounts
  • Automated extraction and analysis of 800+ types of evidence for both mobile and computer devices
  • Destroyed and hidden evidence recovery via data carving
  • Live RAM analysis, including process recovery and memory contents reviewing, and malware detection
  • Cloud data downloading and analysis
  • Advanced low level viewers
  • In-depth SQLite analysis including freelist data recovery, analysis of WAL and journal files, SQLite Unallocated space
  • Social connection graph visualization including unique "Communities detection" feature
  • Adjustable reports, accepted by courts