Belkasoft Forensic Studio Features

Search a seized drive for histories
There is a seized hard drive in your lab and you want to find all history files contained there. You do not know which means of online communication the suspect has been using. The product allows you to search the whole hard drive for all supported types of histories: Instant Messenger chats, browser URL history and cookies, and various mailboxes:

•All drives or particular ones may be selected

•You can select a particular folder to search through

•Histories to be looked for may be limited to a particular type (e.g. Skype files only)

•You can search a drive connected via EnCase

•It is possible to manually select a history to analyze

Analyze found histories
The product does all the analysis with two mouse clicks:

•No password required

•You do not have to be logged in as the history owner

•No write access required. The product works with write-blocking devices

Explore extracted histories
The product shows extracted messages in a user-friendly form:

Within the user interface you can:

•See all available histories and their extraction status

•See all contacts belonging to a profile

•See all conversations with a selected contact

•Sort by time, message direction, message text

•Apply filtering

•Search history. Run simple searches through history, or advanced searches using a file with a set of words to look for. Experienced users can benefit from searching by regular expressions, which is very useful when searching for templates or phrases with fuzzy structure

Export history
After completing your investigation, you need to export histories of interest in a readable form. The product allows you to:

•Export histories to plain text, HTML and XML. IM Analyzer can also export to CSV format, which is ideal for exploring data in the powerful Microsoft Excel product

•Limit exported histories to selected dates and contacts

•Split huge histories into separate files, broken by contact

The resulting report is independent of your computer, so you can burn it onto a CD and give it away.

Instant Messengers supported
The following IMs are supported:

•ICQ (all versions from 97a to ICQ 7)
•Microsoft MSN/LiveMessenger
•Skype versions 2, 3, 4, 5
•Skype chatsync recovery (Professional and Ultimate editions only)
•Yahoo! Messenger
•MySpace IM
•&RQ
•Miranda
•SIM
•QIP
•QIP Infium
•Google Hello
•Trillian
•QQ 2008 and earlier
•QQ 2009/2010 (Professional and Ultimate editions only)
See this link for details on QQ 2009/2010 retrieval
•Digsby
•Rambler Virtus
•Mail.Ru Agent
•Pidgin
•AIM (search history files only)

You can search against a real drive as well as a drive image such as an EnCase image, SMART or a DD image.

Deleted history carving support (Ultimate edition only):

•Skype 3
•Skype 4, 5
•Digsby
•ICQ Lite
•ICQ 7
•Miranda IM
•Windows Live Messenger
•QIP Infium/2010
•SIM
•AIM
•Virtus
•Pidgin
•Trillian
•Mail.ru Agent 5
•Gajim
•Emesene
•Yahoo! Messenger

You can carve a real drive as well as a drive image such as an EnCase image, SMART or a DD image.

Live memory images carving (Ultimate edition only):

•AIM
•AIM Express
•ICQ 7
•Yahoo! Messenger
•Skype
•Gmail
•MSN
•Meebo
•Google Talk
•Facebook (personal messages)
•Vkontakte.ru (personal messages)
•e-Buddy
•YaOnline

Browsers supported
The following browsers are supported:

•Microsoft Internet Explorer including IE version 8
•Mozilla Firefox versions 2 and 3
•Opera
•Google Chrome
•Apple Safari

Mailboxes supported
The following mailbox types are supported:

•Microsoft Outlook 2003 and 2007
•Microsoft Outlook Express
•RITLabs The Bat! (beta version)

Product editions
The product is available in a number of editions:

•Home - this edition is intended for home (individual) users. Organizations are not allowed to purchase this edition. Please note that this is the most basic version of the product

•Standard - this edition is the basic version for organizational users. It contains Standard versions of Belkasoft Forensic IM Analyzer and Belkasoft Browser Analyzer

•Professional - this edition contains Professional versions of Belkasoft Forensic IM Analyzer and Belkasoft Browser Analyzer

•Ultimate - this edition contains Ultimate versions of Belkasoft Forensic IM Analyzer and Belkasoft Browser Analyzer. Please note that Belkasoft Forensic IM Analyzer Ultimate is still in beta