• Home
• La Empresa
• Forense Digital
• Recuperacion de Datos
• Seguridad Informatica
• Entrenamiento
• Noticias/News
• Contactenos
• eafit16
• emeaintelligence2012

• Productos Forense Digital
  • DIGITAL INTELLIGENCE
    • Forensic Hardware
      • Forensic Systems
        • Freddie
        • Fred sc
        • Fred And Fred DX
        • Fred SR
        • Fred l
        • Ufred
        • Fredm
      • Forensic Devices
        • Fannie
        • Super Chief
        • Rack A Tacc Decryption
        • Tacc1441 Acelerator
        • Forensic Duplicator
        • Hardcopy 3
        • Hardcopy 2
        • Shadow 2
      • Forensic Write Blockers
        • Ultrakit
        • UB Esata IDE /SATA (RO)
        • UB Esata IDE /SATA (RW)
        • Ultrablock SAS (RO)
        • Ultrablock IDE/SATA (RW)
        • Ultrablock SCSI (RO)
        • Firewire Write Blocker
        • USB Write Blocker
        • Forensic Media Card Reader
      • Accessories
        • Multidrive Adapter
        • Zif Adapter
        • 1.8" Hard Drive Enclosure
        • 2.5" USB3 Sata HD Enclosure
        • 3.5"/2.5" Hard Drive Enclosure
        • Modular Storage System
        • Forensic Archive And Restore
        • Microsata Adapter
        • SATA To IDE Adapter
        • IDE To SATA Adapter
        • USB3 PCIe Controller
        • USB3 External Hub
        • Expresscard USB3 Adapter
        • Expresscard Esata Adapter
        • Expresscard Firewire Adapter
        • 2.5" Laptop HD Adapter
        • 1.8"Laptop HD Adapter
        • Laptop HD Adapter Set
        • SCSI3 To SCSI2 Adapter
        • SCSI3 To SCA Adapter
        • SCSI Adapter Kit
        • Firefly/UB Power Supply Kit
        • Travel Plug Adapter
        • Sata Hard Drive Tray
        • IDE Hard Drive Tray
        • Firewire Cable 9-6 Pin
        • Firewire Cable 9-9 Pin
    • Forensic Software
      • DI Software
        • Drivespy
        • Image
        • Part
        • PD Block
        • PD Wipe
      • Accessdata
        • Forensic Toolkit 3.0
        • Pasword Recovery Toolkit
      • Guidance Software
        • Encase Forensic Edition
        • Encase Portable
      • Paraben Forensic Tools
        • Forensic Replicator
        • Chat Examiner
        • Network Email Examiner
        • Email Examiner
        • Device Seizure
      • Hot Papper Technology
        • Email Detective
      • Stepanet Datalifter
        • Forensicware Solution
        • V2.0 Whit File Extractor Pro
        • Net Bonus Tools
        • File Extractor Pro
    • Forensic Training
      • Computer Forensic With Fred
      • Encase Advanced
      • CFFAD
      • CFFXP
      • CFFEN
      • Mobile Devices Forensic
      • Farm
      • Cell Phone Analysis
      • Computer Forensic Essentials
      • Fire
    • Forensic Services
  • PASSWARE
    • Forensic Solutions
      • Passware Kit Forensic
      • Subscription
      • Encryption Analyzer
      • Search Index Examiner
  • PARABEN
    • Products
      • Enterprise Forensics
        • P2 Enterprise
        • P2 ShuttlePro
        • P2 Shuttle Free
      • Mobile Forensics
        • Device Seizure
        • Device Seizure Fiel Kit
        • Deployable Fiel Kit
        • DDS (Deployable Devices Seizure)
        • DS Box
        • Sim Card Seizure
        • Stronghold Bag
        • Stronghold Box
        • Project A Phone
      • Hard Drive Forensics
        • P2 Commander
        • Deployable P2 Commander
        • Email Examiner
        • Network Email Examiner
        • P2 Explorer Pro
        • Forensic Replicator
        • Chat Examiner
        • Passware Kit Forensic
        • Parabens Lockdown
      • Consumer Tools
        • Irecovery Stick
        • Porn Detection Stick
        • Chat Stick
        • Possport Stronghold
        • Simcon
      • Free Software
        • P2 Shuttle Free
        • P2 Explorer Free
        • Link2
      • Bundles
        • P2 Command Kit
        • Devices Seizure Command Kit
        • Device Seizure Fiel Kit
        • Handheld Training Bondle
        • Mobile Lab Kit
    • Services
      • Cell Phone Forensic Consulting
      • Computer Forensic Consulting
      • Expert Testimony
    • Training
      • Cell Phone Forensic Training (PCME)
        • Mobile Level1
        • Mobile Level 2
        • Mobile Level 3
        • PCme Certification
      • P2 Commander Training (PCFE)
        • INTO TO P2 COMMANDER LEVEL 1
        • ADVANCE P2 COMMANDER LEVEL 2
        • PCFE CERTIFICATION LEVEL 3
      • Training Centers
      • Free Webinars
  • MILLE2
    • Training Options
      • live online security training
      • classroom based
      • self paced CBTS
      • Study kits
      • Customized Training
      • Trainig Brochure
    • Courses
      • Back
      • wireless security
        • CWSEngineer
      • Course shedule
      • Course Pricing
      • Guaranteed To Run Classes
      • General Security
        • c) Isso
        • Cissp
        • Cap
        • Sans GSLC-C) SLO
        • Sans Top 20 Security Controls
        • Social Engeneering
        • Security Eseential
        • Security Essentias
        • Iscap
        • Cihe
      • Pen Testing Ethical Hacking
        • Pen Testing Boot Camp
        • C)PTE
        • C)PTC
        • C)PEH
        • Certifield Ethical Hacker
      • Digital Forensics
        • C)DFE-CHFI
      • Other Security Titles
        • ITILv3
        • CISA-info Sys Auditor
    • Secure Coding y Web Apps
      • Secure Web App Engineer
      • C) SCE
    • Disaster Recovery
  • TABLEAU
    • Products
      • Duplicators
      • Forensic Bidges
      • Modular Storage Sistems
      • Hardware Accelerators
      • Sotfware
      • Power Supplies
      • drive adapters
      • Acquisition Accessories
      • Cables y Cables Adapter
  • BELKASOFT
    • Products
      • Belkasoft Evidence Center
        • Features
        • Installation instruction
      • Belkasoft Forensic Studio
        • Features
      • Belkasoft Forensic im Analyzer
        • features
      • Belkasoft Forensic Carver
        • Features
      • Belkasoft Mail Analyzer
        • features
      • Belkasoft Browser Analyzer
        • analyzer
      • Belkasaoft Skype Analyzer
        • features
      • Belkasoft ICQ Analyzer
        • features
      • Belkasoft qq Analyzer
        • features
      • Belkasoft icq History Extractor
      • Belkasoft Popup Suppresser
      • Belkasoft Removex
  • SARC
    • About Steganography
    • Product
      • StegAlizerAS-Steganography Analyzer Artifact Scanner
      • StegAlizerSS-Steganography Analyzer Signature Scanner
      • StegAlizerRTS-Steganography Analyzer Real-Time Scanner
      • Steganography Detection Policy for fidelis XPS
      • Custom Steganalysis Solutions
    • Training
      • Certifield Steganography Examiner Training
  • MUSHROOM
    • Solutions
      • Enterprise
      • Small Business
      • Broadcasting
      • Internet Data Centers
      • School & NPOs
      • Apartments
      • LECs & ISPs
    • Product
      • Truffle 5201G
      • Truffle 6401
      • Porcini 4422
      • Portabella 2242
      • Portabella 141
      • Teleporter
      • Virtual Leased Line
      • Broadband Bonding Service
    • Technology
      • Overview
      • Truffle BBNA
  • X-WAYS
    • Producto
      • X-ways Forensics
      • X-ways Investigator
      • WinHex
      • X-ways Capture
      • X-ways Trace
      • Davory
      • X-ways Security
  • D-FLABS
    • Solutions & Products
      • PTK Forensics
      • Incman-Incident management Suite
      • Dflog-log Management
  • WETSTONE
    • Product
      • Advanced Threat Identification (ATI)
      • G-FLASH
      • Gargoyle Investigator Forensic Pro
      • Gargoyle Investigator Enterprise Module (GEM)
      • Gargoyle Investigator Windows Forensic Edition (G-FE)
      • ¡FOSSIL
      • Sovereign Time
      • Stego Suite
      • US-LATT
  • FERNICO
    • Product
      • Far ProX Blu-ray
        • Overview
        • Technical Data
        • Options
      • Far ProX DVD
        • Overview
        • Technical Data
        • Options
      • Far ProX Imager
        • Overview
        • Technical Data
        • Options
      • Far LE
        • Overview
        • Technical Data
        • Options
      • ZRT 2 HD
        • Overview
        • Software
        • Options
        • Accesories
        • Upgrade Form
      • ZRT 2
        • Overview
        • Software
        • Options
        • Accesories
        • Upgrade Form
      • ZRT 2 Accesories
      • ERT
        • Overview
        • Software
        • Options
      • Phone View
      • Tomtology
  • PROJECTPHONE
    • products
      • Overview
      • Screenview
      • Snap
      • ICD_5200
      • ICD-1300
  • ADF SOLUTIONS
    • Products
      • Triage-Examiner
      • Triage-Investigator
      • Triage-G2
      • ADF-Triage Kit
      • Technologies
        • Capture Pak
        • Searchpak
        • ActivitySensor
        • Visual Search
  • CLEARWELL
    • products
      • Identification & Collection
      • Processing Search & Analysis
      • Review & Production
      • Case Management & Reporting
      • Clearwell
  • COGNITECH
    • Product
      • TRI-Suite11
        • Video Investigator
        • VideoActive
        • AutoMeasure
      • Forensic Acquisition
      • Goverment Applications
      • PIXL2GPS
      • Video Mobile Desktop Resplacement Supercomputer
  • ELCOMSOFT
    • Products
      • Elcomsoft Password Recovery Bundle
      • Elcomsoft Wireless Security Auditor
      • Elcomsoft Distributed Password Recovery
      • Elcomsoft Internet Password Breaker
      • Advance Archive Password Recovery
      • Advance Office Password Recovery
      • Advance Office Password Breaker
      • Advance PDF Password Recovery
      • Advance SQL Password Recovery
      • Advance Wordperfect Office Password Recovery
      • Advance Lotus Password Recovery
      • Advance Intuit Password Recovery
      • Advance Sage Password Recovery
      • Advance Mailbox Password Recovery
      • Advance IM Password Recovery
      • Advance VBA Password Recovery
      • Lightning Hash Cracker
      • Elcomsoft Phone Password Breaker
      • Elcomsoft Wireless Security Auditor
      • Proactive Password Auditor
      • Proactive System Password Recovery
      • Advance EFS Data Recovery
  • ACRONIS
    • products
      • Acronis Backup & Recovery
      • Acronis® Backup & Recovery™ 10 Online
      • Acronis® Backup & Recovery™ 10
      • Advanced Server Virtual Edition
      • Server for Windows
      • Server for Linux
      • 10 Advanced Server SBS Edition
      • Advanced Workstation
      • Workstation
      • Disk Director 11 Advanced Server
      • Home & Home Office
    • Home And Home Office
      • True Image Home 2011
      • Home 2011 Netbook Edition
      • Disk Director® 11 Home
      • Backup and Security™ 2011
      • Online Backup
      • AntiVirus 2010
      • Drive Monitor™
      • Migrate Easy 7.0
  • ACE LABORATORY
  • DECISION GROUP
    • Product
      • E-Detective
      • Wireless-Detective
      • E-Detective Decoding Centre (EDDC)
      • HTTPS/SSL Network Packet Forencics Device
      • Voip-Detective
      • Network Investigation Toolkit (NIT)
      • Network Packet Forensics Analysis Training (NPFAT)
      • Forensics Investigation Toolkit (FIT)
  • DIGITAL ASSEMBLY
    • Product
  • DT SEARCH
    • Product
      • Desktop With Spider
      • Netwwork With Spider
      • Publish (Portable Media)
      • Web With Spider
      • Engine For Linux
      • Engine For Win & Net
  • MOBILEDIT
    • Product
      • MOBILedit
      • MOBILedit ForenSic
      • Cables Kit
      • Phone copiar
      • COM Components
      • SyncML Server
  • HOT PEPPER
    • Product
      • E-Mail Detective-Forensic Software Tool
      • eChat Locker
      • 9501 Iridium Pager
      • 9501 Iridium/sp-66k-Pager Utility
        • General
        • Service
        • Developer
      • 9501 Iridium Pager Programmer-PPS
      • 9501 Iridium Pager Message Notification
  • NETWITNESS
    • Product
      • Spectrum
      • Visualize
      • Live
      • Informer
      • Investigator
      • SiemLink
      • API/SDK
      • NextGen Infrastructure
      • Decoder
      • Concentrator & Brocker
      • Investigator Freeware
• Servicios Forense Digital

Belkasoft Evidence Center Features

Case management
The product allows you to manage information for different cases. You can add information you are working with to a named case, give a name and a description to a case, create, edit and delete a case. This is handy when you work with multiple cases at a time.

Information persistence
All found information is now stored in a database. Unlike the older products, this product allows you to safely shut it down because all data is stored right after it is extracted. This enables you to work with multiple cases and handle big cases, for example, those involving multiple huge Outlook mailboxes. The product does not have a limit of 2Gb of Outlook mailbox space which the previous products have.

Integration
Unlike Belkasoft Forensic Studio which is a bundle of 3 products, Belkasoft Evidence Center integrates all the work with Instant Messengers, Browsers and Email in one user interface. You can perform all operations with a piece of evidence in a uniform way: it is possible, for example, to search through all found chats, URLs and emails in a single search operation. 
 

Multiple monitor support
The product has a number of windows showing various aspects of a case you are working with: Case Explorer, Item List, Item Properties, Task Manager and Search Results, to name just a few. To make it more efficient to work with this number of windows, the product supports multiple monitors so you can arrange windows and resize them as you find convenient. The product will remember your preferences and automatically restore window positions and sizes the next time you run product.

 Search a seized drive for histories
There is a seized hard drive in your lab and you want to find all history files contained there. You do not know which means of online communication the suspect has been using. The product allows you to search the whole hard drive for all supported types of histories: Instant Messenger chats, Browser URLs history, various mailboxes:

•All drives or particular ones may be selected

•You can select a particular folder to search through

•Histories to be looked for may be limited to a particular type (e.g. Skype files only)

•You can search a drive connected via Encase

•It is possible to manually select a history to analyze

After the software found history profiles for you, it is possible to select any of them and add to a case. At this point you can instruct the software to calculate profiles hash values to make sure they are not changed during the investigation. 
 Analyze found histories
The product does all the analysis with two mouse clicks:

•No password required

•You do not have to be logged under a history owner

•No write access required. The product works with write-blocking devices

Retrieving deleted history
If some history was deleted by a user, chances are that part of it can still be found on the drive. In order to do it the product uses so-called 'carving' techniques which helps to retrieve deleted conversations.

The following features are supported:

•Carving FAT and NTFS drives

•Carving drives attached through write-blocking device

•Carving drive images (Encase, SMART or DD format)

•Live memory investigation (carving RAM image made in win32dd/win64dd or FTK Imager)

Note! This feature allows to retrieve conversations, deleted from a drive. It will not help you in case some history was never stored on that drive, except for RAM image carving.

Explore extracted histories
The product shows extracted information in a user-friendly form:

Within the user interface you can:

•See all found history profiles

•See all contacts belonging to a chat profile

•See all mail folders belonging to an email profile

•See all conversations with a selected contact

•See all emails within a selected mail folder

•See a profile's original hash value and current hash value to make sure nothing was changed since the profile was added to a case

•Sort by various criteria

•Search history. Do simple searches through history and advanced searches using a file with a set of words to look for. Experienced users can benefit from searching by regular expressions, which is very useful while searching for templates or phrases with fuzzy structure, for example, credit card numbers

Bookmarking
You can mark any extracted information by using named bookmarks. Bookmarks are persistent and stored in the same database as the case is. You can see all pieces of information in a bookmark, go to the original item and, vice versa, from an item to any bookmark which contains that item. Bookmarked items are highlighted with another color, so you will not miss them in an item list.

Export history After completing your investigation, you need to export histories of interest in a readable form. The product allows you to:

•Export histories

 to plain text, HTML, XML, CSV and PDF.

•Limit exported histories to selected dates and contacts

•Split huge histories into separate files, broken by contact or mail folder

•Split reports into smaller files by specifying a number of items to be included in the report, for example, 50 messages per report file

Instant Messengers supported
The following IMs are supported (regular file analysis):

•ICQ (all versions from 97a to ICQ 7)
•Microsoft MSN/LiveMessenger
•Skype versions 2, 3, 4, 5
•Skype chatsync
•Yahoo! Messenger
•MySpace IM
•&RQ
•Miranda
•SIM
•Google Hello
•QIP
•QIP Infium
•Trillian
•QQ 2008 and earlier
•QQ 2009, 2010, 2011
•Digsby
•Rambler Virtus
•Mail.Ru Agent
•Pidgin
•AIM
•Gadu-Gadu (version 6)
•Qutim
Deleted history carving support:

•Skype 3
•Skype 4, 5
•Digsby
•ICQ Lite
•ICQ 7
•Miranda IM
•Windows Live Messenger
•QIP Infium/2010
•SIM
•AIM
•Virtus
•Pidgin
•Trillian
•Mail.ru Agent 5
•Gajim
•Emesene
•Yahoo! Messenger
Live memory images carving:

•AIM
•AIM Express
•ICQ 7
•Yahoo! Messenger
•Skype
•Gmail
•Windows Live Messenger
•Meebo
•Google Talk
•Facebook (personal messages)
•Vkontakte.ru (personal messages)
•e-Buddy
•YaOnline
Browsers supported
The following browsers are supported:

•Microsoft Internet Explorer
•Mozilla Firefox starting version 2
•Opera
•Google Chrome
•Apple Safari (except for password recovery)
Mailboxes supported
The following mailbox types are supported:

•Microsoft Outlook 2003, 2007 and 2010
•Microsoft Outlook Express
•RITLabs The Bat! (beta version)
Product editions
The product is available in the following of editions:

•Standard - this edition is a desktop product using local database.

•Enterprise - this edition is a client-server product allowing to store case information centrally on a dedicated server, so that different people can work with the same case simultaneously