Software

The field of computer security is rapidly evolving. To remain relevant, Digital Forensics Solutions has to constantly adapt to new technologies that meet the demands of our clients. In some cases there is no commercially available software to meet our analysis and investigation needs. When we encounter these problems we have the expertise to develop custom software solutions.

We have developed and currently maintain open source projects that have experienced wide use within the digital forensics and security communities.

DFS is now offering day-long Registry Decoder training sessions.
For more information, click here.

The Microsoft Windows registry contains a wealth of forensically interesting evidence. To automate the acquisition and analysis of this data, we applied for and received funding from the National Institute of Justice in order to develop a tool capable of these tasks. Registry Decoder is able to acquire the active and historical registry files (System Restore and Volume Shadow Service) from running machines, which was previously undoable, as well as perform analysis on these files. The offline analysis allows investigators to browse registry hives, search across evidence within the case, run plugins against specific sets of data within the registry, view differences of multiple registry hives, and automatically report evidence found.  For more information, please see the above link.