Forensic Toolkit® (FTK®) is recognized around the world as the standard in computer forensics investigation technology. This court-validated digital investigations platform delivers cutting-edge analysis, decryption and password cracking all within an intuitive, customizable and user-friendly interface.

• Create images, analyze the registry, conduct an investigation, decrypt files, crack passwords, identify steganography, and build a report all with a single solution.

• Recover passwords from 100+ applications; harness idle CPUs across the network to decrypt files and perform robust dictionary attacks.

• KFF hash library with 45 million hashes.

• supports the largest, most complex datasets.

• Never lose work due to a crash, because the FTK components are compartmentalized. (Example: If the GUI crashes, the Workers continue to process data.)

• Ability to back up and archive cases.

• Every copy of FTK 3 includes a total of 4 Workers to enable distributed processing – 1 on the examiner machine and 3 distributed. Coming soon!

• The solution easily expands to incorporate Lab capabilities, such as unlimited distributed processing, collaborative analysis, central case/task management and web review. This is of particular value to law enforcement and government computer forensic labs.

• The GUI is 10 times more responsive.

• Distributed processing allows you to leverage up to 3 additional computers to dramatically reduce processing time and tackle massive data sets. Coming soon!

• True multi-processor and multi-threading support that takes advantage of hardware advancements.

• Wizard-driven processing ensures no data is missed.

• Pre- and post-processing refinement allows you to control how images are processed.

• Advanced data carving engine allows you to carve allocated and unallocated data and specify criteria, such as file size, data type and pixel size to reduce the amount of irrelevant data carved while increasing overall thoroughness.

• Optimized dtSearch integration delivers fast indexing and fast search results.

• RAM Dump Analysis

• Powerful index search engine and a proper full-feature regular expression engine for binary searches.

• Broad file system, compound file and email support.

• Supports popular encryption technologies, such as Credant, SafeBoot, Utimaco, EFS, PGP and Guardian Edge.

• Automatically identify potentially pornographic images, using the Explicit Image Detection (EID) add-on.

• Comprehensive Mac support .

• Perform network-based, secure, single-system forensic acquisition of physical devices, logical volumes and RAM.

• Secure Remote Device Mounting

• Easy-to-understand and easy-to-use GUI with pre-defined and customizable data views, advanced filtering, dockable windows and automated data categorization.

• Multiple data views allow users to analyze files in a number of different ways, such as native, hex, text and filtered.

• Full Unicode and Code Page support.

• Create detailed reports and output them into native format, HTML, PDF, XML, RTF, and more - with links back to the original evidence.

• Define Registry Supplemental Reports (RSR) During Pre-processing or Additional Analysis.

• Clear reporting on what files could not be processed or indexed with the Processing Exception/Case Info report.

• Create a CSV of the processed files that can be imported into Excel or a database application.

• Export MSGs for all supported email types.