Technology Microsoft Software & solutions

Windows Forensic Tools

About Technology Wednesday, April/24/2024 Wednesday, April/24/2024 26 104

Windows forensics tools help forensic professionals obtain and transfer data.Warzone image by FotoWorx from Fotolia.com

Windows forensic tools are provided to local, state and federal governmental agencies so they may safely and securely collect and transfer crime scene information. While anyone may be able to download most of these tools for free, some tools will require users to contact Microsoft to set up a government account.

Forensic Evidence Extractor

The Computer Online Forensic Evidence Extractor, or COFEE, tool was created for law enforcement officials to capture and collect live crime scene evidence that could be downloaded to their computers later. The tool is free to use for first responders and law enforcement personnel anywhere around the world, and Microsoft offers free training on this tool to any interested party. The tool is fully encrypted, reducing the chance that information will be hacked or lost.

Live View 0.7b

This tool is compatible with the following Windows operating systems: 98, 2000, 2003, Server 2008, NT, Me and Vista. This tool is Java-based program that can convert nearly any type of disk or disk image into a VMware virtual machine. WMware is a company that creates a virtual framework that can host operating systems like Linux and Windows. With the Live View tool, forensic professionals can basically view a virtual copy of an image or disk without ever changing the original image or disk. Changes are made to the image or disk in a separate file, and users can add these changes to the source file they choose.

Forensic Acquisition Utilities

The Forensic Acquisition Utilities are a set of tools that allow users to sterilize media so it can be accurately duplicated at a later time. Other features include the ability to find the location of logical volume information--a way to assign space on a mass storage device--and it can also gather information from a workstation or server that is running. The tool also ensures that data is safe and secure, and it reduces the instances of damaging changes to the main drive. This tool must be used in conjunction with a software or hardware write blocker, which allows users to collect information off of the main drive without damaging the drive or files on the drive.

TULP2G

TULP2G allows users to find and then download information that is stored on different types of digital devices, including cell phones and subscriber identity module, or SIM, cards, which is most often used on mobile devices and stores information about a user, data and media.

Shrinky's Guide to Life: To Be On the Wire Is Life

How to Manually Start Task Manager

Microsoft 6/7/2024 8:05:00 AM 6/7/2024 8:05:00 AM

6/7/2024 8:05:00 AM 6/7/2024 8:05:00 AM 276

How to Reinstall the Active Directory for Windows XP

Microsoft 6/14/2024 7:08:00 PM 6/14/2024 7:08:00 PM

6/14/2024 7:08:00 PM 6/14/2024 7:08:00 PM 270

How to Speed Up a Dell Precision 690 Desktop

Microsoft 6/12/2024 6:25:00 AM 6/12/2024 6:25:00 AM

6/12/2024 6:25:00 AM 6/12/2024 6:25:00 AM 262

How to Uninstall Unwanted Programs on a Laptop With Windows Vista

Microsoft 6/11/2024 7:41:00 AM 6/11/2024 7:41:00 AM

6/11/2024 7:41:00 AM 6/11/2024 7:41:00 AM 260

How to Edit a Corrupt Registry

Microsoft 6/6/2024 7:11:00 PM 6/6/2024 7:11:00 PM

6/6/2024 7:11:00 PM 6/6/2024 7:11:00 PM 248

What Is Microsoft Windows Search Indexer?

Microsoft 6/6/2024 7:44:00 AM 6/6/2024 7:44:00 AM

6/6/2024 7:44:00 AM 6/6/2024 7:44:00 AM 226

How to Produce Black Mold

Education 2/20/2025 1:05:00 AM 2/20/2025 1:05:00 AM

2/20/2025 1:05:00 AM 2/20/2025 1:05:00 AM 221

Several types of black molds are hazardous, including Cladosporium, Pithomyces, Ulocladium, Aureobasidium and Memmoniella. The molds are typically formed from an area being wet and exposed to spores in the air. The type of black mold known as Rhizopus can be produced in this popular bread mold scien