Encase Forensic
4,808 views
17 slides
Jun 16, 2018
Slide 1 of 17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
About This Presentation
Forensic tool for data recovery and because it is paid you have to pay for full access
Slide Content
By Megha Sahu
Introduction EnCase is a pack of digital forensics developed by guidance software system. This software system has numerous forms designed for cyber security, e-discover use, and forensics. This software recover data and the use it various court system. EnCase comprise of tools utilized in varied areas of the digital forensic process like analysis, acquisition, and reporting It includes EnScript , a scripting facility, with various APIs for evidence interactions. It searches an opening laptop and copy information which includes pictures , internet history, artifacts, documents, even the whole disk drive, and different digital evidences .
Encase Processor Recover folder FAT volume NTFS folder UFS and Ext2/3 partition Formatted Driver File signature analysis Protected file analysis Hash analysis : MD5 and SHA-1 supported Expand Compound Files
Continue.. Find Email Find internet Artifacts Search for Keyword En-script Modules: Run proper script to recover artifacts from the device. Custom Modules: Custom En-script modules can be added to the processor.
Download and Installation Just go to the below link and start download encase version 8. https://www.guidancesoftware.com/support/downloads/encase-forensic?utm_campaign=12541-EnCase_Forensic_8.06-20180207&utm_medium=Email&utm_source=Eloqua&cmpid=Email-Eloqua-12541-EnCase_Forensic_8.06-20180207&partnerref=12541-EnCase_Forensic_8.06-20180207&elqTrackId=c71f16df125842f5bd7e6b122d155e15&elq=77c149376c874e85ad6cde927a2bfd1a&elqaid=5441&elqat=1&elqCampaignId=2212 When the Encase get downloaded just run as administrator the file and choose the default setting or you can customized them. After successful installation it will show you the GUI of Encase version8.
Encase Image file format To store various kind of evidence Encase used Encase image file format(extension .E01) and it also referred as Expert Witness (Compression) Format. Disk formt Volume image Logical files Memory
Create image file bit by bit Go to Add Evidence Choose add local devices Now check the only device for which you want to make .e01 file
After completion of the process the window look like this
Now there is some field that you have to fillled to create Encase Image file after completion of this navigate to the folder where you save it and will show you the file with extension
Index – Syntax Example Keyword Search- Phrase Search- Find any word in a document- All word must appear in document- Exclude the second search term- Operators as keyword – wildcard X(fail) “fail error” fail OR error OR 404 fail AND error fail NOT 404 fail “and” error ? , *
Create New Case
After creating the case it look something like that
Now add avidence to the case
Operation Evidence process Case processor
THANKYOU
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 4,808
- Slides 17
- Favorites 2
- Age 2726 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
47 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
47 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
21 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views