Features
Comments
Forensic Triage supports:
• Computers (PCs, Apple Macs and Linux)
• Volatile memory (32bit and 64bit)
• USB and other removable devices
• Memory cards
• Loose hard disks
• Cell phones
• Satellite Phones
• Satellite Navigation Systems
Quickly collect and safely review
data from computers and all other
data storage devices without
changing potential evidence.
Collects the contents of volatile
memory (RAM) when performing
live collections from Windows
®
PCs.
Supports Garmin SAT NAV systems.
Process Driven & Touch Screen Interface
Enforces total control and audit of entire triage lifecycle. Collected data is
grouped using easily interpreted icons, representing key and relevant data
collection categories.
Forensically & Evidentially Sound
SPEKTOR
®
incorporates comprehensive and class leading audit logging of all
collection events, user actions and analysis processes, complying with forensic
best practices.
Logical and Intuitive Presentation of Data
SPEKTOR
®
presents results in a clear, accurate and easy to use interface helping you
make informed decisions later.
Create unlimited, reusable collection profiles
An easy to use wizard helps the user create powerful profiles that balance collection
speed with effectiveness ensuring they don’t miss vital evidence.
Secure Remote Access
Moving from the need to know to the need to share, SPEKTOR
®
’s unique remote
access feature allows backroom experts to immediately and securely assist front
line users.
Linux GTK Operating System
SPEKTOR
®
runs on an enhanced and secure Linux OS but with its intuitive touch
screen, process driven and user friendly interface, the operator needs no Linux
knowledge at all, SPEKTOR
®
keeps everything under control.
Forensic Imaging– Physical & Logical
Creates forensic images in a variety of proprietary imaging formats such as: EnCase,
FTK, SMART and DD.
Fast Data Collection
Our unique ultra-fast collection technology means SPEKTOR
®
completes connections
within minutes reducing time on target to the absolute minimum.
MacBook – Triage & Imaging Support
Often regarded as being notoriously difficult, even for skilled forensic personnel to
image, SPEKTOR
®
makes it simple to triage and image the latest MacBooks.
User Manual & Help
At the touch of a button, the user can read a comprehensive manual, get contact
details for support or select the language for the user interface.
Dynamic Analysis Engine
Rapid and fully automatic analysis of collected data which is clearly and
intuitively presented.
Images
Supports all image formats with lightning fast gallery view including comprehensive
metadata analysis and searching.
Documents
Displays cached pages, history and search terms used in the browsers. Also recovers
account information, passwords & auto-form field entries.
Windows Registry Artifacts - System Info
Plays and extracts metadata from all common audio and video formats, including
movies taken with the latest smartphones.
Comprehensive E-mail Review for:
MS Outlook (PST & OST),
Windows Live, Hotmail, EML, MSG, New mailbox formats
added regularly
Browse, search and review important registry details such as User Accounts, USB
device usage, network settings, most recent file activity, installed software and much,
much more.
Instant ‘web-speed’ searches
Searching is not limited to pre-defined keyword lists. All the collected data is indexed
and can be instantly searched to maximize the changes of finding critical data.
Encryption Detection & Password Recovery
SPEKTOR
®
scans all fields collected and will identify a wide range
of encryption including: PGP Bestcrypt, Truescrypt, Steganography
& Camouflage.
Multimedia
Browse, filter, sort and view all common office file types. All content is indexed and
instantly searchable.
Indexing & Fast Keyword Searching
Results data is rapidly indexed and searched using multiple user defined keyword lists.
Hash Matching
Finds known files fast using multiple, user defined hash lists.
Browser Activity Review for:
Internet Explorer, Google
Chrome, Firefox and Opera
SPEKTOR
®
processes common webmail and office email automatically, presenting
the results just like and email client, making email review brilliantly simple. Everything,
including attachments, are instantly searchable.
Chat Review for:
Skype, MSN Messenger and Yahoo! Messenger
Displays and indexes chat conversations, accounts, passwords
and contacts.
Export Function
Users can choose to export all files or just those which have been “tagged” for export.
Exported data includes a separate clear report together with a detailed file listing. Fully
supports import to i2 and similar systems.
SPEKTOR
®
Forensics Intelligence product features
Semi-rugged ATG
Fully-rugged XFR
