Maresware: Computer Forensics
Maresware: Computer Forensics software provides
an essential set of tools for investigating computer records and securing private information. It is
highly flexible to meet the needs of all types of investigators including:
law enforcement, intelligence agency, private investigator, corporate
security officers, and human resources personnel. Used within a forensic paradigm, the software
enables discovery of evidence for use in criminal or civil legal proceedings.
Internal investigators can develop documentation to support disciplinary
actions, yet do so non-invasively, to preserve evidence that could end
up in court. IT managers can quickly wipe drives to DOD standards for reuse, retirement, or for compliance with HIPAA and other privacy of information regulations. Read more below about the software and its advantages:
Some frequently used functions of
Maresware: Computer Forensics
- discovery of "hidden" files(such as NTFS Alternate Data
- for incident response purposes
- evaluation of timelines
- key word searching
- files verification
- drive wiping for information privacy and security
- file reformatting
- documenting all the examiner's steps and procedures
Sime programs of special interest from Maresware: Computer Forensics
Bates_no --a unique program for
adding identifying numbers to filenames in e-documents to prepare
records for evidentiary use. Or simply use as a records management
--a sophisticated copy program.
Copies source files (directories) to a destination (directory),
while maintaining full path and meta information (file dates/times).
Excellent for maintenance purposes, or evidence discovery.
X-Ways Meta Data
--a program to parse (and select items from )the large meta data field produced by the X-Ways
export list option. There is also a version to parse the X-Ways html report.
--searches thru all text files in a tree, and finds IP's, E-mail addresses,
URL's, Credit Card #'s, SSN's and other items.
Key Features of Maresware: Computer Forensics
- Speed and High capacity: Extremely rapid processing
of files of virtually unlimited size (a design feature engineered
through the use of highly-efficient C-programming and by the development
of non-integrated, highly-targeted individual programs). Read our
statistics on rapid processing.
- User Control: By selecting which program(s) to
use, the user--not the software--determines each step of the analysis
and specifies his preferred output format. All programs use similar
command line options.
- Flexibility: Do streamlined single-step tasks
or use any combination and sequence of programs for multi-step operations.
Automate for unattended processing. Simplify repetitive tasks with
familiar batch-file procedures.
- Documentation of examiner's procedures: Document
a complete history of your procedures and findings at every step.
Provide proof of the authenticity and integrity of the evidence.
To learn more about individual programs: read the Computer
Forensics Software List and follow the links there for
complete documentation, sample programs, or to purchase individual programs.
If you already know the name of the individual program, go directly
to it now by clicking on the appropriate alphabetical link at the bottom
of this page(ex: Files A-C).