
Paraben’s P2C 4.4

Release Notes

Welcome to Paraben’s P2C 4.4!

Paraben's P2C is a comprehensive digital forensic analysis tool designed to handle more data more efficiently, while keeping to Paraben's P2 Paradigm of specialized focus across the entire forensic exam process.

P2C uses Paraben's advanced plug-in architecture to create specialized engines that focus on such things as E-mail, Network E-mail, Chat Logs, File Sorting, Internet file analysis, and more, all while increasing the amount of data that can be processed and making better use of resources through multi-threading and task scheduling. Not only is P2C affordable, it runs effectively with lower hardware requirements than you thought possible.

What’s New in P2C v.4.4

P2C can be run without full administrator rights.

Outlook 2016 PST databases are now supported.

Interface usability and accessibility with hotkeys have been improved.

Parsing NTFS folders has been improved.

Possible problems with file sorting in unallocated space have been fixed.

Possible problems with mounting RAW images have been fixed.

Possible problems with Data Triage parsing of email databases have been fixed.

Possible problems with content analysis in various types of evidence have been fixed.

Minor interface and performance improvements have been made.

P2C Key Features

Paraben’s P2C v.4.4 has the following key features:

Main features:

• Analysis of disks and disk images with the most popular file systems, indexing, deleted data recovery, searching, and exporting.

• Analysis of the most popular mail storage formats: viewing, searching, sorting attachments, and exporting.

• Analysis of chat databases, registry hive files, OLE streams, archives, Internet browser data, memory dump files, and more.

• Analysis of existing forensic containers, exporting data to them, and creating new ones.

General features:

• Full Windows 10 compatibility, including UAC and digital signature by Microsoft

• Back-end Firebird database for support of massive amounts of data

• Multi-threading and task scheduling capabilities to process more data in less time

• Convenient plug-in architecture

• Easy-to-use registration scheme

GUI features:

• GUI is redesigned and is now more sophisticated than ever.

• File viewers for popular file formats

• EXIF data viewer for graphic files, including search in EXIF data and adding EXIF data to reports

• Special E-mail data viewer for viewing e-mail messages in different formats, including viewing attachments

• Special Chat RTF viewer for viewing chat history in a convenient format

• Extracted text viewer, with the option to change the language, for viewing results of optical character recognition

• Content analysis result viewer for viewing whether a file has signs of malware, along with the malware scan report

• Data Triage

• Integrated Internet Explorer cache parser

• Adjustable font color and size

Plug-in features:

• File system plug-ins allow you to examine logical and physical disks as well as individual files and folders (local, network, and stored on CD/DVD) with:

o FAT12, FAT16, FAT32, FATX

o ExtX

o HFS+

o NTFS (including partition free space and file slack)

o STFS

• Supports disk images from the most popular forensic imaging software

o Paraben's Forensic Replicator (PFR)

o Safeback 2-3

o EnCase 4-5-6-7

o RAW disk images (created in P2 Enterprise, Smart, etc.)

o Virtual PC Virtual HD image

• Supports memory dump files

• E-mail plug-in supports viewing multiple e-mail and network e-mail formats in a special e-mail data viewer (including support for exporting data to E-mail Examiner, EML [rfc822 compliant], Attachments only, MSG [OLE message], and PST [Outlook] e-mail formats)

o Microsoft Exchange 5.0, 5.5, 2000, 2003 SP1, 2007, 2010, 2013 (EDB)

o Lotus Notes 4.0, 5.0, 6.0, 7.0, 8.0, 8.5 (ODS 43 and 51), 9.0

o Novell GroupWise up to 2012

o [new] Microsoft Outlook (PST) up to 2016

o Microsoft Outlook Express (EML)

o E-mail Examiner (EMX)

o AOL

o The Bat! (3.x and higher)

o Thunderbird

o Windows Mail

o Google Takeout storage

o Eudora

o Maildir

• Chat database plug-in supports many popular chat clients for viewing chat database contents in a convenient, color-coded format for easy analysis

o Yahoo!

o Skype

o ICQ

o Miranda

o Hello (Including Thumbnails)

o Trillian

• OLE Storage plug-in supports the parsing and analysis of any OLE storage

• Archive plug-in supports many popular archive types including: zip, jar, xpi, iso, chm, cab, msi, ppt, doc, xls, arj, bzip2, cpio, deb, gzip, lzh, msis, rpm, split, tar, z, wim, and 7z.

• Internet Data plug-in supports the parsing and analysis of:

o Mozilla Firefox cache and history

o Internet Explorer cache, cookies, and history

o Google Chrome history, cookies, auto fill items, keywords and logins

• SQLite plugin supports parsing and analysis of SQLite databases including: *.db, *.Sqlite, *.Sqlite3, *.sqlitedb, *.db3, and others.

• iTunes backup plugin supports iPhone, iPad, and iPod Touch backups created by iTunes, including:

o iOS 1.x–9.x non-encrypted backups

o iOS 3.x–9.x encrypted backups

• Forensic Container plug-in allows:

o Creating a new Forensic Container

o Adding an existing Forensic Container as evidence

o Parsing the content of a Forensic Container as embedded data in the added file system evidence.

• DS case plug-in allows parsing and analysis of cases created by Paraben’s DS and Paraben’s Deployable DS.

• Game Console plug-in allows you to examine images of logical and physical disks with evidence from Xbox 360 including:

o FATX filesystem used by Xbox.

o STFS filesystem data intended to store packages created and downloaded by the Xbox.

o XDBF databases containing gamer profile data.

• Keyword Search plug-in creates a keyword database for keyword searches:

o Perform keyword indexing of any text data

o Quick keyword search in indexed data, including multiple parameters for email evidence

• Malware Scan plug-in allows you to check whether an executable file shows signs of being malware.

• File sorting:

o Sort e-mail attachments

o Sort recovered deleted data

o Analyze file type/file extension mismatch

• Optical character recognition

• Deleted data recovery

Other features:

• Hash database features can manage and Filter Out Common Hashes (FOCH)

• Automatic detection of embedded data from supported file types (view e-mail archives, chat databases, disk image files, OLE storage, archives, etc. from the exact place they are stored without having to add them to your case separately)

• Multiple reporting options for complete customization (including a special malware report)

• Image Analyzer for pornographic image detection

• Optical character recognition for images of most popular formats

• [NEW!] Malware scan for executable files

• Creation of an encrypted dynamic Forensic Container

• Robust advanced searching and filtering options including multi-encoding support

o Search within e-mail attachments including search by attachments type

o Search in deleted data, unallocated disk space, file slack, etc.

o Multi-parameter search for each type of data.

o Regular Expressions search.

o Ability to search for data without searching for its contents (file name/directory names)

o Multi-selection of search results for adding to a Search results report.

• Exporting

o Export any file in its native format

o Export multiple files from different folders/disks/evidence types

o Export files/folders to forensic containers.

o Export mail storage contents to EML, EMX, PST, MHTML, and MSG formats.

o Export e-mail attachments in their native format.

o Export from search results and bookmarked data including multi-selection.
