jess LAND
       www.jessland.net
        Sponsored by:       
One eSecurity
www.one-esecurity.com
JISK Knowledgebase >>    About    News    Essentials    Architecture    FWs    IDS/IPS    Honeypots    Malware    Forensics   
  +  JSS Home    Projects    JSS Community    Events    News    Docs    About    Contact .

JISK > Forensics > Software > Windows Forensics Section Map

Windows Forensics Tools

Content Leader: Jess Garcia - Last Updated: September 29, 2007


 Acquisition 
 dd  The standard acquisition tool. 
  
 Date Conversions 
 Decode  Forensic Date/Time Decoder 
  
 Document Metadata 
 Redax  Plug-in for Acrobat that permanently removes sensitive content from PDF documents. 
 Office Remove Hidden Data Add-in  - Tool to permanently remove hidden data and collaboration data, such as change tracking and comments, from Microsoft Word, Microsoft Excel, and Microsoft PowerPoint files. 
 DocScrubber  Analyze and scrub hidden and potentially embarassing data in Word documents. 
  
 CDROM/DVD 
 CDRoller  CD/DVD data recovery tool. 
 ISOBuster  CD, DVD and blue ray (BD, HD DVD) data recovery tool. 
  
 Password 
 Asterisk Logger  Recovers passwords stored behind asterisks (****). 
 AsterWin IE  Reveals the passwords stored behind the asterisks in the web pages of IE5+ 
 Network Password Recovery  Recover network passwords stored by WXP 
 Protected Storage PassView  Recovers all passwords stored inside the Protected Storage. 
 Mail PassView  Recovers the passwords of most popular e-mail programs. 
 MessenPass  Recovers the passwords of most popular Instant Messenger programs. 
  
 Network 
 tcpview  Tool that shows all TCP & UDP connection details. 
  
 Registry 
 MiTec Windows Registry Recovery  Allows to read files containing Windows 9x,NT,2K,XP,2K3 registry hives and extract many useful information about configuration and installation settings 
 RegMon  Registry Monitor 
 RegSnap  RegSnap is a tool that can help you analyze changes made to the Windows Registry. 
 RegShot  Small utility that allows you to quickly take a snapshot of your registry and then compare it with a second one. 
  
 Digital Timestamping 
 Surety's Absolute Proof  Surety's AbsoluteProof® time-stamp service assures the integrity and long-term legal defensibility of your electronic records. 
  
 Web Browser 
 CookieView 
  
 Other (unsorted) 
 FavURLView 

Copyright © 2000-2008 Jessland - Jess Garcia's Website - All rights reserved.