Tools

619 results - showing 341 - 360
« 1 ... 13 14 15 16 17 18 19 20 21 22 ... »

Tools

License Type
Free
Developer
Guidance/OpenText

This script finds credit card numbers which are valid according to the Luhn test.

Tools

License Type
Free
Developer
Guidance/OpenText

This script allows the examiner to create result-sets containing items (entries or records) that match user-specified file-types listed in the global file-types table.

Tools

License Type
Free
Developer
Guidance/OpenText

This script creates result-sets for each of the hash-categories associated with active hash-sets contained in the current case's active hash library/libraries. Note that in order to save time the script will only add one result per responsive entry. This applies even if the entry in question matches multiple hash-items with different hash-categories.

Tools

License Type
Free
Developer
Guidance/OpenText

This app creates a result-set from user-specified items excluding those items that match hash-items with a 'Known' category in the current hash-library. The script's built-in condition can be used to exclude additional items that have certain file-types, file-extensions, file-paths, file-names, etc. The examiner can opt to split the output into multiple result-sets that are grouped according to file-category or file-extension.

Tools

License Type
Free
Developer
Guidance/OpenText

This script is designed to create an EnCase logical evidence file (LEF) from the contents of one or more folders specified by the user.

Tools

License Type
Free
Developer
Guidance/OpenText

This script is designed to create/update a hash library using the hash-values contained in one or more tab-delimited hash-list files with CR/LF line-endings.

 

Tools

License Type
Free
Developer
Guidance/OpenText

This script decodes Cortana search-terms from user-specified IndexedDB.edb files. The script reads these files directly; it does not use the Windows Extensible Storage Engine API.

Tools

License Type
Free
Developer
Guidance/OpenText

A simple script used to identify all browser history cookie and cache files in a case and copy them out for further processing using 3rd party tools. Currently it only copies current live user data and does not attempt to recover deleted history/cache files. The script supports Internet Explorer Firefox Chrome/Chromium Opera and Safari on Windows *nix and Mac platforms. The script will search for browser files and folders and copy them out to a user specified folder using the structure: Device Volume User Browser This allows the use of 3rd party tools (e.g. Netanalysis or Cacheback etc.) to analyse the web browser history and cache. For example it allows the use of the Netanalysis 'Open All History From Folder...' function at the volume user or browser level depending on the records and/or functionality required.

Tools

License Type
Free
Developer
Guidance/OpenText

Importing customer contextual data enables you to integrate your enterprise or third-party database of whitelisted, blacklisted, and watchlisted hashes as you extract, transform, and load data to the analytics data warehouse. The MD5 hash(s) must be calculated prior to running the EnScript.

Tools

License Type
Free
Developer
Guidance/OpenText

This EnScript will run all the conditions from a specific folder. The results are saved in the Results view. For example, if there were 50 conditions in a folder, this app would allow the user you to run them all at once instead of selecting and running them individually.

Tools

License Type
Free
Developer
Guidance/OpenText

This template may serve you as basis for your own specific template and includes many Bookmark folders for often encountered topics during your exams. Bookmark Formats for reporting purposes are provided and tailored to each individual type of data. Includes over 80 pre-defined Bookmark Folders for commonly encountered artifacts, broken down into detailed categories like File Sharing Clients, Malware Analysis, Social Networking, Browsers and more.

Tools

License Type
Free
Developer
Guidance/OpenText

EnCase v7 EnScript to define criteria in a condition dialog and then bookmark those files into bookmark subfolders based on extensions.

Tools

License Type
Free
Developer
Guidance/OpenText

This is a File Mounter. Like the V6 file mounter, but for V7 and to mount the files not included in the Evidence processor.

Tools

License Type
Free
Developer
Guidance/OpenText

This script is designed to batch-extract selected reports created by the Case Analyzer and Sweep Enterprise EnScripts to comma-delimited spreadsheets.

Tools

License Type
Free
Developer
Guidance/OpenText

This script parses CUPS (Common UNIX Printing System) printer-control files of the type found on macOS.

Tools

License Type
Free
Developer
Guidance/OpenText

Have you found yourself in front of hundreds of thousands, or even millions, of internet history records? I have! Do you know what content is on td84kmeufhjeop83m.com? I don't either! (and I am kinda scared to look!) This app will sort and categorize the internet history records in your case. This app relies on 2 things:

Tools

License Type
Free
Developer
Guidance/OpenText

This plugin is designed to load the CD/DVD ISO images listed in a user-specified Windows text-file into the current case. The absolute path of each-image file should be listed one-per-line; each line being terminated by the Windows carriage-return line-feed sequence. Each file of a multipart image should be listed. The first file should have an 'iso' file-extension; second and subsequent files should have the extensions 'iso01' 'iso02' etc. The image files do not have to be listed in order, for instance all of the 'iso' files could be at the top of the list with the remainder following.

Tools

License Type
Free
Developer
Guidance/OpenText

This script bookmarks the exFAT directory-entries for the highlighted file/folder or selected files/folders in the current view.

Tools

License Type
Free
Developer
Guidance/OpenText

C-TAK provides examiners with accurate identification of cyber threats that may directly impact investigations. Not only can the presence and classification of these programs allow examiners to view suspects from a new perspective but suspect sophistication, covert behaviors, and paranoia levels can also be derived in searching for applications with a common theme. These behaviors can assist in assessing suspect capability, activities, intent, threat or “consciousness of guilt.”

Tools

License Type
Free
Developer
Guidance/OpenText

This is an EnCase plugin that allows the examiner to view bencoded files of the type used by many BitTorrent clients.

619 results - showing 341 - 360
« 1 ... 13 14 15 16 17 18 19 20 21 22 ... »