product-banner-39_S.jpg 
                                                                                    Questions? Please contact us
Rapid discovery of malware impacts while in the field.

Gargoyle Investigator™ FLASH is our newest tool designed to simplify your investigations.  G-FLASH allows you to do a rapid search for known contraband, hostile, or "bad" programs, and allows you to retrieve significant information regarding activities, motives and intent of suspects or potential suspects while in the field.

Key Features:
Ability to conduct scans on any logical drive
20 datasets containing over 10,000 types of malicious software
Detailed forensic evidence reports with secure source timestamping
Ability to scan within archive files (.zip, .rar, .jar, .bh, .arj. lha, .lzh, .tar, .war, .enc, .bz2) 

License:
Single user licenseAnnual Software Maintenance Information.. 

Is Gargoyle court approved?
Gargoyle has been taken to court and used for several cases. With the easy to read HTML, timestamped reports, Gargoyle provides detailed evidence that is court ready.  Click here to read our customer testimonials.

What is malware detection?
Gargoyle quickly and easily determines whether malware is present on a system under investigation. Malware, short for malicious software, is designed to wreak havoc, hide potentially incriminating information, and/or disrupt or damage computer systems. Gargoyle employs custom datasets containing thousands of malware software signatures. Because the search is done for the individual files associated with a particular program, it is possible to find remnants even if the program has been deleted.

What can be identified?
Gargoyle provides the investigator with the ability to glean important suspect characteristics from the information revealed. The computer sophistication, covert behaviors, and paranoia levels (has the suspect tried to delete incriminating programs?) can all be derived when searching for applications with a common theme. These behaviors can assist in assessing suspect capability, activities, intent, threat or "consciousness of guilt".
  
 What is a dataset?
A dataset is simply a collection of malware applications and files, organized into a relational database. The database is formatted similarly to the NSRL distributions. One dataset (database file) is created for each malware category.
Separate datasets can be created for various classifications of malware (i.e. steganography software, vulnerability assessment tools, network sniffers, port scanners, hacker tools, password cracking tools, Denial of Service tools, etc.).* Additional datasets are released on a monthly basis.
View our current datasets
  
 
                               What is included in the package?
G-FLASH is delivered on a 2GB flash drive. Software maintenance and dataset subscriptions are sold separately.