Introduction: Computer forensics is a major branch of computer science that deals with internet and computer-related crimes. Its main objective is to investigate wrongdoing by using digital data to find out who is accountable for a specific crime. Investigation agencies select their tools based on various factors, including the experts on the team and the budget.
To support better investigation and research, developers have created many computer forensics software tools. Below, computer forensics tools are classified under various heads.
• Mobile device analysis tools
• Data and disk capture tools
• Database forensics tools
• Internet analysis tools
• Mac OS analysis tools
• File viewers
• Email analysis tools
• Network forensics tools
• Registry analysis tools
• File analysis tools
Some popular and important software for data recovery and computer forensics is listed below:
CAINE stands for Computer Aided Investigative Environment. It is GNU/Linux live digital forensics software that offers a complete forensic environment. Its special features include user-friendly tools, a friendly graphical interface, and an interoperable environment that supports the digital investigation.
Digital Forensics Framework: This is another platform that is fully dedicated to digital forensics. It can be used without any trouble by non-experts and by professionals. It is released under the GPL license. It can be used for data recovery, digital chain of custody, forensics of Linux or Windows systems, quick searches of file metadata, access to local or remote devices, and many other things.
X-Ways Forensics: For digital forensics experts, this software is an advanced platform because it runs on all Windows versions. Some of its features are listed below.
• Data authenticity
• RAM and memory analysis
• Well-maintained file header
• Automated activity logging
• Gallery view for images
• Automatic detection of lost or deleted hard disk partitions
• Powerful file carving and various data recovery methods
• Bulk hash calculation
• Easy detection of and access to NTFS ADS
• Automated registry report
• Disk imaging and cloning
• Support for various file systems, including FAT32, FAT16, FAT12, TFAT, Ext2, Ext3, Ext4 and a few more
EnCase: This is another popular multi-purpose platform with various quality tools for the digital forensic process and data recovery. This software can easily collect data from various devices and unearth potential evidence. It also produces a report based on the evidence.
The Sleuth Kit: This is a Windows- and UNIX-based tool that helps in data recovery and forensic analysis of computers. It comes with various tools that help in analyzing disk images, investigating file systems, etc.
Volatility: This is a memory forensics platform that is used for malware and incident response analysis. With the help of this tool one can extract information about network connections, running processes, DLLs, registry hives and network sockets. It also extracts information from hibernation files, dump files and Windows crash files. This tool is released under the GPL license.
Bulk Extractor: This is a very popular and important digital forensics and data recovery tool that scans a directory of files or a disk image and extracts useful and important information. This tool is considerably faster than other similar tools because it ignores the file system structure.
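The idea of scanning an image while ignoring the file system can be sketched as follows. This is an added example, not part of the original article and not Bulk Extractor's own code; the simplified e-mail pattern, the names scan_stream and build_sample_image, and the sample image are assumptions constructed for illustration.

```python
import io
import re

# Simplified e-mail pattern over raw bytes (an assumption of this sketch).
# The bounded repeats cap any match at 281 bytes.
EMAIL_RE = re.compile(
    rb"[A-Za-z0-9._%+-]{1,64}@(?:[A-Za-z0-9-]{1,63}\.){1,3}[A-Za-z]{2,24}")
MARGIN = 512  # must be >= the longest possible match

def scan_stream(stream, chunk_size=1 << 20, margin=MARGIN):
    """Yield (absolute_offset, match_bytes) from a raw byte stream.

    No partition table or file system is parsed, so hits in deleted files,
    slack space and unallocated sectors are found like any others.
    """
    buf, base, next_start = b"", 0, 0
    while True:
        chunk = stream.read(chunk_size)
        final = not chunk
        buf += chunk
        end = base + len(buf)
        # A match starting in the last `margin` bytes may be cut off by the
        # window edge, so defer it to the next pass unless this is the end.
        limit = end if final else max(next_start, end - margin)
        for m in EMAIL_RE.finditer(buf):
            start = base + m.start()
            if next_start <= start < limit:
                yield start, m.group()
        if final:
            return
        next_start = limit
        # Keep `margin` bytes of left context so a feature already reported
        # is consumed whole rather than re-matched as a truncated suffix.
        keep = max(0, limit - margin - base)
        buf, base = buf[keep:], base + keep

def build_sample_image():
    """Constructed 4 KiB 'image': zero fill with three planted addresses."""
    img = bytearray(4096)
    planted = {0: b"first@example.org",
               995: b"straddles.boundary@mail.example.com",
               4080: b"last@example.net"}
    for off, val in planted.items():
        img[off:off + len(val)] = val
    return bytes(img)

if __name__ == "__main__":
    for offset, feature in scan_stream(io.BytesIO(build_sample_image()), 1000):
        print(f"{offset:>8}  {feature.decode('ascii')}")
```

Recording the absolute byte offset of each hit lets an examiner map it back to a sector, and later to a file if one still exists, in a separate step.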