PDA

View Full Version : PassMark OSForensics Professional 3.1 Build 1004 Final



mitsumi
18-01-15, 03:01 AM
<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>
PassMark OSForensics Professional 3.1 Build 1004 Final | 53.40 MB

OSForensics allows you to identify suspicious files and activity with hash matching, drive signature comparisons, e-mails, memory and binary data. It lets you extract forensic evidence from computers quickly with advanced file searching and indexing and enables this data to be managed effectively.

Search within Files
If the basic file search functionality is not enough, OSForensics can also create an index of the files on a hard disk. This allows for lightning fast searches for text contained inside the documents. Powered by the technology behind Wrensoft's acclaimed Zoom Search Engine.

Search for Emails
An additional feature of being able to search within files is the ability to search email archives. The indexing process can open and read most popular email file formats (including pst) and identify the individual messages.
This allows for a fast text content search of any emails found on a system

Recover Deleted Files
After a file has been deleted, even once removed from the recycling bin, it often still exists until another new file takes its place on the hard drive. OSForensics can track down this ghost file data and attempt to restore it back to useable state on the hard drive.

Uncover Recent Activity
Find out what users have been up to. OSForensics can uncover the user actions performed recently on the system, including but not limited to:
Opened Documents
Web Browsing History
Connected USB Devices
Connected Network Shares

Collect System Information
Find out whats inside the computer. Detailed information about the hardware a system is running on:
CPU type and number of CPUs
Amount and type of RAM
Installed Hard Drives
Connected USB devices
and much more.

View Active Memory
Look directly at what is currently in the systems main memory. Attempt to uncover passwords and other sensitive information that would otherwise be inaccessible.
Select from a list of active processes on the system to inspect. OSF can also dump their memory to a file on disk for later inspection.

Extract Logins and Passwords
Recover usernames and passwords from recently accessed websites in common web browsers, including Internet Explorer, Firefox, Chrome and Opera.

V3.1.1004 - 16th of Jan 2015
Email Viewer
В Added handling of rfc2047 encoding in subject/address fields of MIME headers
В Fixed buffer overflow in status message while recovering deleted e-mails in PST files
В Fixed S shortcut key being processed instead of Ctrl+S to add attachments to case
В Fixed a bug with saving embedded message in PST/OST files as .msg. LIBPFF_ENTRY_TYPE_ATTACHMENT_DATA_OBJECT property was being saved as a stream instead of storage
ESEDB Viewer
В Fixed population of known ESEDB files to use localised folder names instead of hard-coded locations
File Indexing
В Pre-scanning can now be cancelled while scanning PST messages
В Updated Zoom indexer to fix some crash issues
В Updated Zoom Office XML plugin
В Improved length limit for meta fields in email files (used for FROM/TO/CC/BCC) from 255 characters to 65,535 characters.
В During indexing, fixed Total Bytes/Peak Physical Memory/Peak Virtual Memory not updating properly when > 2GB
В Fixed crash bug with buffer overflow and infinite add URL when indexing .MSG file with many attachments
В Fixed bug with only using last filename for all attachments of the same .MSG file
В Fixed bug with losing generated body text with attachment filenames Attachment(s): ... , ..." for .MSG file indexed.
В Fixed bugs with indexing plain text emails in .MSG files
В Fixed bugs with indexing Chinese PST files (metafield length limit caused Unicode corruption)
В Fixed bug with possible Unicode string corruption when longer than available buffer (with languages such as Chinese with 4 char MB UTF-8 characters)
В Fixed a bug with files sizes not being indexed in offline mode
В Fixed a potential crash caused by long URLS
В Fixed a crash during pre-scanning when indexing unallocated clusters
В Fixed bug with search index failing on old format index files after a search with new format index files.
В Fixed DOCX plugin that split words incorrectly due to revision history
В Fixed crash bug with XLS files with invalid cell.templateID values
Import Hash
В Fixed String/Buffer overflow during import progress updates (if import folder name is too long) by increasing string size
Internal Viewer
В If viewing an excel document that is password protected it will now display a relevant error message
Password Recovery
В Shadow copy now used if registry file is locked
Recent Activity
В Now attempting to get the localised name for the Documents and Settings folder from the registry when starting a recent activity scan so more information will be retrieved on non-english Windows installations.
В Shadow copy now used if registry file is locked
В Should now resolve shortcut (.lnk) files in Users Recent Items folder (when not using live acquisition scan option).
В Fixed scanning of system registry hives when no user hives are found
Search Index
В Fixed processing of FILETYPE_MSG and FILETYPE_ATTACHMENT_MSG index results
System Information
В Shadow copy now used if registry file is locked
ThumbCache Viewer
В When looking up default Windows.edb location, now using localised folder names instead of hard-coded locations
WinPE Builder
В Updated build of WinPE Builder. (Allows user to set NTFS filesystem with command line argument -f. Not enabled by default, since FAT32 supports booting both BIOS-based and UEFI-based PCs. UEFI based systems require that the boot files reside on FAT32 partition. If they are not on FAT32 the system may not see the device as bootable.)
Misc
В Fixed bug with handling of NTFS files with mix of compressed/non-compressed fragments
В Help file updates


DOWNLOAD LINKS:
(All below links are interchangable - Single Extraction - No password)





<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>
<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>

<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>
<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>

<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>
<b><font color=red>[Chỉ có thành viên mới xem link được. <a href="register.php"> Nhấp đây để đăng ký thành viên......</a>]</font></b>