Computer Forensics Simplified
P2C is a comprehensive forensic digital analysis tool capable of performing complete examinations and reporting on computer related data. With a built-in database and multi-threading capabilities, it is designed to handle vast amounts of data while utilizing all of your systems resources. P2C is a court approved tool that has over 12 years of development explicitly for computer forensic examiners.
Email Forensics Simplified.
Forensically examine hundreds of email formats including Outlook (PST and OST), Thunderbird, Outlook Express, Windows mail, and more. Email Examiner is one of the most comprehensive forensically sound email examination tools available.
Network Email Forensics Simplified
Network E-mail Examiner makes it easy to sift through hundreds of gigabytes of email. Whether you’re investigating Microsoft Exchange, Lotus Notes, or Novell GroupWise, your job just got easier with Network E-mail Examiner. Recover deleted email & export to other formats.
Forensic Image Mounting
Hard Drive Image Forensics Simplified.
P2X Pro is a forensic image mounting tool designed to help investigators manage and examine evidence. With P2X Pro you can mount forensic images as read-only local logical and physical disks. Once mounted, you can explore the contents of the image using Windows Explorer or you can load it into your forensic analysis tool.
DS was the first mobile forensic tool on the market. Designed from the ground up for forensically sound examinations of cell phones and other devices, DS set the industry standard for mobile investigations. Extracting data from devices is only the beginning. DS takes your investigation to the next level with advanced analysis capabilities, data and application parsing, automated deleted data recovery, and much more. Add to this list of features integration with Google Earth to pinpoint GPS data found on devices, case comparing to see what has changed on a device from one point in time to another, comprehensive reporting, and importing data from iTunes backups, BlackBerry Backups, cell tower location spreadsheets, Cellebrite & Tarantula data, and GPS/KML files and you won’t be able to find another mobile forensic tool that can match the features of DS.
Diamond Cut Forensics8 Audio Laboratory contains a large number of new features, improvements and enhancements that will make it a “must have” tool for any forensics lab.
Password Recovery Bundle
All password recovery tools in a single value pack. Unlock documents, decrypt archives, break into encrypted containers with an all-in-one password recovery bundle.
- Breaks passwords to several hundred formats
- Works 20 to 200 times faster with hardware acceleration using conventional video cards for GPU acceleration+
- Distributed attacks with excellent scalability on up to 10,000 computers
- Includes all relevant password recovery tools in a single package
Mobile Forensic Bundle
The complete mobile forensic kit in a single pack. Perform physical, logical and over-the-air acquisition of smartphones and tablets, break mobile backup passwords and decrypt encrypted backups, view and analyze information stored in mobile devices
- Tools for logical, physical and over-the-air acquisition of mobile devices
- Over-the-air acquisition of iOS devices, Microsoft and Google accounts
- iCloud acquisition with or without the password
- Breaks passwords to mobile backups with GPU acceleration
- Access to deleted evidence and forensically sound extraction
Distributed Password Recovery
Break complex passwords, recover strong encryption keys and unlock documents in a production environment.
- Break passwords to more than 300 types of data
- Heterogeneous GPU acceleration with multiple video cards per computer
- Works 20 to 200 times faster with hardware acceleration
- Linear scalability with low bandwidth requirements and zero overhead on up to 10,000 computers
- Remote deployment and console management
- Supports: all versions of Microsoft Office, OpenOffice, ZIP/RAR/RAR5, PDF, BitLocker/PGP/TrueCrypt. Over 500 formats supported.
iOS Forensic Toolkit
Perform physical and logical acquisition of iPhone, iPad and iPod Touch devices. Image device file system, extract device secrets (passwords, encryption keys and protected data) and decrypt the file system image.
- Physical acquisition for 32-bit and 64-bit iOS devices via jailbreak
- Logical acquisition with iTunes-style backup includes decrypted keychain
- Unlocks iOS devices with pairing records (lockdown files)
- Decrypts keychain items and extracts device keys
- Real-time file system acquisition for jailbroken devices
- Quickly extracts media and shared files, even if backup password is set
Perform logical and over-the-air acquisition of iOS, Windows Phone 8/8.1, Windows 10 Mobile and BlackBerry 10 devices, break into encrypted backups, obtain and analyze information from Apple iCloud.
- Break passwords and decrypt iOS backups with GPU acceleration
- Decrypt BlackBerry 10 backups
- Acquire data from Microsoft accounts
- Download iCloud backups and synced data with or without Apple ID password
Supports: local iOS backups (iTunes); iCloud and iCloud Drive backups; iCloud synced data (call logs, photos, browsing history etc.); BlackBerry 10 backups; Microsoft Account (with valid authentication credentials); Windows Phone 8, 8.1, Windows 10 Mobile backups; iCloud authentication tokens.
Analyze information extracted with ElcomSoft and third-party acquisition tools with a fast, lightweight viewer. Decrypt and view iOS backups and synced data, analyze iCloud Photo Library, BlackBerry 10 backups and Windows Phone/Windows 10 Mobile data, view passwords and access synchronized data with ease.
- Lightweight forensic viewer requiring no learning curve
- Analyze data extracted by ElcomSoft acquisition tools
- Access iOS notifications and deleted data such as Safari history records
- View information unavailable in other forensic tools
Supports: local iOS backups (iTunes), iCloud backups, iOS synced data (call logs, browsing history and so on), Windows Phone and Windows 10 Mobile backups, BlackBerry 10 backups.
Extract everything from your Google Account. Download users’ location history, files and documents,, Contacts, Hangouts Messages, Google Keep, Chrome browsing history, search history and page transitions, Calendars, images, and a lot more.
- Download the complete set of data from Google Account
- Extract significantly more information than available via Google Takeout
- Authenticate without a password and bypass Two-Factor Authentication
- Search, filter and analyze information with built-in viewer
- Access user passwords, browsing history, contacts, location history, email and much more
- Obtain files and documents from Google Drive
- Supports: Google Account, over-the-air acquisition, two-factor authentication, built-in viewer, Windows and Mac editions
Forensic Disk Decryptor
Instantly access data stored in encrypted BitLocker, FileVault 2, PGP and TrueCrypt containers. The tool extracts cryptographic keys from RAM captures, hibernation and page files or uses plain-text password or escrow keys to decrypt files and folders stored in crypto containers or mount encrypted volumes as new drive letters for instant, real-time access.
- Decrypt BitLocker, BitLocker To Go, FileVault 2, PGP and TrueCrypt volumes
- Extract cryptographic keys from RAM captures, hibernation and page files, escrow and Recovery keys
- Extract and store all available encryption keys
- Instantly mount encrypted containers as drive letters
- Capture the content of computer’s volatile memory with kernel-level tool
- Fast, zero-footprint operation
- A forensic-grade memory imaging tool is include
- Elcomsoft Forensic Disk Decryptor 2.0 now fully supports EnCase Images in the industry–standard .EO1 format, as well as encrypted DMG images. In addition, Elcomsoft Forensic Disk Decryptor can be used to create a portable installation on a user-provided USB flash drive. The portable installation can be used to image computer’s volatile memory and/or mount or decrypt encrypted volumes.
Axiom’s powerful search capability recovers evidence from hundreds of types of digital forensic artifacts. Find evidence that you didn’t know was there and that can’t be recovered by other tools.