Forensic Toolkit® (FTK®): Recognized around the World
as the Standard Digital Forensic Investigation Solution.
FTK is a court-cited digital investigations
platform built for speed, stability and ease of use. It provides comprehensive
processing and indexing up front, so filtering and searching is faster than with
any other product. This means you can “zero-in” on the relevant evidence
quickly, dramatically increasing your analysis speed. Furthermore, because of
its architecture, FTK can be setup for distributed processing and incorporate
web-based case management and collaborative analysis.
Visualize Big Data, Find the Relevant Evidence Faster
FTK’s database-driven, enterprise-class
architecture allows you to handle massive data sets, as it provides stability
and processing speeds not possible with other tools. It provides built-in data
visualization and explicit image detection technology to quickly discern and
report the most relevant material in your investigation. FTK’s interoperability
with all AccessData’s solutions, allows you to correlate massive data sets from
different sources, such as, computer hard-drives, mobile devices, network data,
internet storage and more. This capability makes FTK the only digital
investigation solution capable to reduce case investigative times by allowing
you to review data and identify relevant evidence, all in one centralized
location.
Automated Malware Triage and Analysis
Available as an add-on to FTK, Cerberus allows
you to determine the behavior and intent of suspect binaries, giving you
actionable intelligence without having to wait for the malware team to perform
deeper, more time consuming analysis. This automated malware triage and analysis
allows you to:
- Gain actionable intelligence in seconds to validate threats and take decisive
action.
- Achieve signature-less malware detection with proactive threat scans.
AccessData’s Decryption Solutions are the Key to Crack it!
AccessData has developed other industry-leading
solutions to assist in password recovery. These solutions are used in many
different environments to provide specific, password-cracking related functions.
Law enforcement and corporate security professionals performing computer
forensic investigations, utilize these solutions to access password-protected
files. Likewise, administrators can also utilize these solutions to recover
system passwords, lost personal passwords and more . AccessData’s Password
Recovery Toolkit® (PRTK®) and Distributed Network Attack® (DNA®) provide access
to passwords for a large number of popular software applications. PRTK runs on a
single machine only. DNA uses multiple machines across the network or across the
world to conduct key space and dictionary attacks.
The following add-ons are available to enhance the power and speed of
password-cracking with PRTK and/or DNA.
Rainbow (Hash) Tables
Rainbow Tables are pre-computed, brute-force attacks. In
cryptography, a brute-force attack is an attempt to recover a cryptographic key
or password by trying every possible key combination until the correct one is
found. How quickly this can be done depends on the size of the key, and the
computing resources applied. A system set at 40-bit encryption has one trillion
keys available. A brute-force attack of 500,000 keys per second would take
approximately 25 days to exhaust the key space combinations using a single 3 GHz
Pentium 4 computer. With a Rainbow Table, because all possible keys in the
40-bit keyspace are already calculated, file keys are found in a matter of
seconds-to-minutes; far faster than by other means. DNA and PRTK seamlessly
integrate with Rainbow Tables.
Portable Office Rainbow Tables (PORT)
AccessData Portable Office Rainbow Tables (PORT) are different
from the full Hash tables set. A statistical analysis is done on the file itself
to determine the available keys. This takes far less space than the Hash Tables,
but also takes somewhat more time and costs a small percentage in accuracy.