EnCase Computer Forensics Demo

Author: threesandals
182905 View
7m 3s Lenght
88 Rating

This is a short demo of EnCase I worked up. If you are interested in some of what professional computer forensics software can do then this is for you.

Comments

  1. Do you know how to talk?
  2. If I had a dollar for every FPS in this video, I'd have a few bucks
  3. link download?
  4. What about FTK? Its better or not?
  5. Good luck with Adam Lanza's computer. Nobody is that good.
  6. SEEKING HELP! I was reformatting my boss's laptop and I backed everything up on a external HDD.I foolishly left it plugged in while I was reformatting, when it prompted me to choose a partition to install the OS on I blindingly deleted all available partitions. After realizing what I did I unplugged it immediately. I haven't formatted it or saved anything on it since the then. The drive doesn't show in my computer when I plug it in now tho I see it in the device manager.Can I get the files back?
  7. PART 2: and therefore would never seriously program or be hired by any company to seriously program any decent software for wide-scale linux distribution. Deployment is near impossible. All those different versions of GTK, and different API's and different toolbars like unity and different glibs and pibs and python and.....fuck me sounds like a lot of fun. I think I'll stick with .NET good old Win32 API's and windows. Works great. Worried about malware? Use a Limited User Account.
  8. No offense, I don't take any stock in anything you say, because you are a linux supporter/lover. That has already earned you a spot on my idiot list. All open source linux distros like Ubuntu suck major dick period!. Except for running a server, they can't, and will never be taken seriously in the mainstream of desktop computing. Why? Smart computer programmers such as myself know Ubuntu and the like are too full of confounding variables SEE PART 2:
  9. Generally the answers is no. I think that even one pass with random zeros if personally enough. A lot of this after even one pass of overwriting hard disk space with zeros is almost what we would call theoretical.
  10. hey i guttman 35 passed my entire free disc space can shit still be recovered using this program??????????????????
  11. @cssbrainDOTcom I disagree sir. I hide all my CP on encrypted virtual machines inside of encrypted file containers, with an AES-Serpant-Twofish algorithm, and keyfiles stored off site. I Joke I joke!!!
  12. @threesandals you ARE A JACKASS. The disk defrag will copy all parts of the file somewhere on the hard disk and then write it back to the back of the file before it. It jumbles nothing. If after all the files written to the hard disk you have space that hasnt been used or rewritten. That is the stuff encase will find. If you lucky enough that the evidence was in untouched space than you got it but if not the perp gets off.
  13. @quelorepario whatever.....
  14. @RoadieRon bullcrap.
  15. @threesandals So Could I recover Original Data from a HD that since 2000 has been formatted over15 times?
  16. @skingbinsane very true. They do have many tools. I work in the security field with the us military, law enforcement and also wit hthose often-3-letter-agencies of the us government. autopsy, photorec, C.A.I.N.E, D.E.F.T, EnCase,FTK, scalpel, and many other tools are used. Getting data is important, but Computer Forensics is also largely *HOW* and *WHY* you got the data, lest it not be admissable in a court of law.
  17. @RoadieRon Where did I say it was the "only tool used?" I'm not pulling this info out of thin air, I have talked with a director at a RCFL and was given a brief on the lab at the different platforms used and the main software used... They also use FTK by the way... They have pretty much everything to deal with a hardware and software configuration including every imaginable legacy system you can think of.
  18. @skingbinsane If you believe that is the only tool they use, you are sadly misinformed. Windows lacks certain tools and abilities found in other operating systems and tools under them.
  19. @RoadieRon lol... EnCase is used in FBI Forensics Labs... Most work is done on Wintel boxes... You're grossly misinformed. BTW, the version in this video is pretty dated so theres that too.
  20. @adityaiswest RAPIDSHARE ;)