By Megha Sahu
Introduction
• EnCase is a suite of digital forensics tools developed by Guidance Software.
• The software comes in numerous forms designed for cyber security, e-discovery, and forensic use.
• This software recovers data that is then used in various court systems.
• EnCase comprises tools used in various areas of the digital forensic process, such as analysis, acquisition, and reporting.
• It includes EnScript, a scripting facility with various APIs for interacting with evidence.
• It searches a laptop and copies information, including pictures, internet history, artifacts, documents, even the whole disk drive, and other digital evidence.
Encase Processor
• Recover folders
1. FAT volume
2. NTFS folder
3. UFS and Ext2/3 partition
4. Formatted drive
• File signature analysis
• Protected file analysis
• Hash analysis: MD5 and SHA-1 supported
• Expand Compound Files
Encase Processor (continued)
• Find email
• Find internet artifacts
• Search for keywords
• EnScript modules: run the appropriate script to recover artifacts from the device.
• Custom modules: custom EnScript modules can be added to the processor.
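What the file signature analysis and hash analysis steps check, as an added Python example (not EnCase or EnScript code): each file's header bytes are compared with its extension, and its MD5 and SHA-1 digests are looked up in a hash set. The signature table, file names, file contents and hash set are constructed for illustration.

```python
import hashlib

# Header signatures ("magic bytes") and the extensions that normally carry them.
# A deliberately small table; real tools ship thousands of entries.
SIGNATURES = {
    b"\xff\xd8\xff": {"jpg", "jpeg"},
    b"\x89PNG\r\n\x1a\n": {"png"},
    b"%PDF-": {"pdf"},
    b"PK\x03\x04": {"zip", "docx", "xlsx", "pptx"},
    b"MZ": {"exe", "dll"},
}


def signature_status(name, data):
    """Return 'match', 'mismatch' (header belongs to another type) or 'unknown'."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    for magic, extensions in SIGNATURES.items():
        if data.startswith(magic):
            return "match" if ext in extensions else "mismatch"
    return "unknown"


def digests(data):
    """MD5 and SHA-1 of the content; the file name plays no part."""
    return hashlib.md5(data).hexdigest(), hashlib.sha1(data).hexdigest()


def process(files, hash_set):
    """files: {name: bytes}; hash_set: {sha1 hex digest: label}."""
    report = {}
    for name, data in files.items():
        md5, sha1 = digests(data)
        report[name] = {
            "signature": signature_status(name, data),
            "md5": md5,
            "sha1": sha1,
            "hash_set": hash_set.get(sha1),
        }
    return report


# Constructed sample evidence (not taken from any real case).
JPEG = b"\xff\xd8\xff\xe0" + b"constructed image body"
RENAMED_EXE = b"MZ\x90\x00" + b"constructed program body"
EVIDENCE = {
    "holiday.jpg": JPEG,            # extension agrees with the header
    "notes.txt": RENAMED_EXE,       # executable header behind a .txt name
    "copy_of_holiday.dat": JPEG,    # same content as holiday.jpg, renamed
    "empty.log": b"",               # nothing to identify
}
# The hash set is built from the constructed bytes, so no digest is made up.
HASH_SET = {hashlib.sha1(JPEG).hexdigest(): "known picture (constructed)"}

if __name__ == "__main__":
    for name, row in process(EVIDENCE, HASH_SET).items():
        print(f"{name:22} {row['signature']:9} {row['sha1']} {row['hash_set']}")
```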
Download and Installation
• Go to the link below and download EnCase version 8.
• https://www.guidancesoftware.com/support/downloads/encase-forensic?utm_campaign=12541-EnCase_Forensic_8.06-20180207&utm_medium=Email&utm_source=Eloqua&cmpid=Email-Eloqua-12541-EnCase_Forensic_8.06-20180207&partnerref=12541-EnCase_Forensic_8.06-20180207&elqTrackId=c71f16df125842f5bd7e6b122d155e15&elq=77c149376c874e85ad6cde927a2bfd1a&elqaid=5441&elqat=1&elqCampaignId=2212
• Once EnCase has downloaded, run the file as administrator and choose the default settings, or customize them.
• After successful installation, it will show you the GUI of EnCase version 8.
Encase Image file format
• To store various kinds of evidence, EnCase uses the EnCase image file format (extension .E01), also referred to as the Expert Witness (Compression) Format.
1. Disk format
2. Volume image
3. Logical files
4. Memory
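A quick integrity check on a set of .E01 segment files before loading them, as an added Python example (not EnCase code). It assumes the publicly documented Expert Witness segment header layout: an 8-byte signature, a start-of-fields byte 0x01, a 2-byte little-endian segment number and a 2-byte zero end-of-fields marker. The file names and bytes are constructed, and only the .E01 to .E99 naming range is handled.

```python
import re
import struct

# Assumed layout (publicly documented EWF-E01 segment file header, 13 bytes).
EWF_SIGNATURE = b"EVF\x09\x0d\x0a\xff\x00"
SEGMENT_HEADER = struct.Struct("<8sBHH")  # signature, start, segment number, end


def segment_number(data):
    """Return the segment number stored in the header, or raise ValueError."""
    if len(data) < SEGMENT_HEADER.size:
        raise ValueError("too short for an EWF segment header")
    signature, start, number, end = SEGMENT_HEADER.unpack_from(data)
    if signature != EWF_SIGNATURE:
        raise ValueError("not an EWF-E01 segment (bad signature)")
    if start != 1 or end != 0:
        raise ValueError("malformed segment header fields")
    return number


def check_segment_set(files):
    """files: {name: first bytes of the file}. Returns a list of problems."""
    problems, seen = [], set()
    for name in sorted(files):
        try:
            number = segment_number(files[name])
        except ValueError as exc:
            problems.append(f"{name}: {exc}")
            continue
        seen.add(number)
        # .E01 should hold segment 1, .E02 segment 2, and so on.
        match = re.search(r"\.[Ee](\d\d)$", name)
        if match and int(match.group(1)) != number:
            problems.append(f"{name}: header says segment {number}")
    missing = sorted(set(range(1, max(seen, default=0) + 1)) - seen)
    if missing:
        problems.append("missing segments: " + ", ".join(map(str, missing)))
    return problems


def make_segment(number):
    """Constructed stand-in for the start of a segment file."""
    return SEGMENT_HEADER.pack(EWF_SIGNATURE, 1, number, 0) + b"\x00" * 32


# Constructed sample set: one raw file renamed to .E03, one misnumbered file.
SAMPLE = {
    "disk.E01": make_segment(1),
    "disk.E02": make_segment(2),
    "disk.E03": b"\x00" * 64,
    "disk.E04": make_segment(5),
}

if __name__ == "__main__":
    for problem in check_segment_set(SAMPLE):
        print(problem)
```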
Create image file bit by bit
I. Go to Add Evidence
II. Choose add local devices
III. Now check only the device for which you want to make the .e01 file
After completion of the process, the window looks like this
Now there are some fields that you have to fill in to create the EnCase image file. After completing this, navigate to the folder where you saved it, and it will show you the file with extension
Index – Syntax Example
• Keyword search: X(fail)
• Phrase search: “fail error”
• Find any word in a document: fail OR error OR 404
• All words must appear in document: fail AND error
• Exclude the second search term: fail NOT 404
• Operators as keyword: fail “and” error
• Wildcard: ? , *
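How the query forms listed above behave on text, as an added Python example (a small evaluator written for illustration, not EnCase's index engine). Assumptions of this example: terms are matched against whole words case-insensitively, ? stands for one character and * for any run of characters, operators are applied left to right without parentheses, and two terms with no operator between them are both required. The sample documents are constructed.

```python
import re
from fnmatch import fnmatchcase

OPERATORS = {"AND", "OR", "NOT"}  # only recognised when unquoted


def words(text):
    """Split text into lower-case words and numbers."""
    return re.findall(r"[a-z0-9]+", text.lower())


def tokenize(query):
    """Return ('op', name) and ('term', [pattern words]) tokens."""
    query = query.replace("\u201c", '"').replace("\u201d", '"')  # curly quotes
    tokens = []
    for quoted, bare in re.findall(r'"([^"]*)"|(\S+)', query):
        if bare in OPERATORS:
            tokens.append(("op", bare))
        elif quoted or bare:
            # A quoted operator such as "and" lands here as an ordinary word.
            tokens.append(("term", (quoted or bare).lower().split()))
    return tokens


def contains(doc_words, pattern):
    """True if the pattern words occur consecutively (a phrase) in the document."""
    n = len(pattern)
    return any(
        all(fnmatchcase(doc_words[i + j], pattern[j]) for j in range(n))
        for i in range(len(doc_words) - n + 1)
    )


def matches(query, text):
    doc_words = words(text)
    result, op = None, "AND"
    for kind, value in tokenize(query):
        if kind == "op":
            op = value
            continue
        hit = contains(doc_words, value)
        if result is None:
            result = (not hit) if op == "NOT" else hit
        elif op == "OR":
            result = result or hit
        elif op == "NOT":
            result = result and not hit
        else:  # explicit AND, or no operator between two terms
            result = result and hit
        op = "AND"
    return bool(result)


def search(query, docs):
    """Names of the documents that satisfy the query, sorted."""
    return sorted(name for name, text in docs.items() if matches(query, text))


# Constructed sample documents.
DOCS = {
    "d1": "Login fail: error 404 returned by server",
    "d2": "Disk check reported an error",
    "d3": "Backups fail and error logs grow",
    "d4": "Three failures were logged overnight",
}

if __name__ == "__main__":
    for q in ["fail", "\u201cfail error\u201d", "fail OR error OR 404", "fail AND error",
              "fail NOT 404", "fail \u201cand\u201d error", "fail*", "f?il"]:
        print(f"{q:24} -> {search(q, DOCS)}")
```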
Create New Case
After creating the case, it looks something like this
Now add evidence to the case
Operation
1) Evidence process
2) Case processor
Encase Forensic
