ADF Triage-Investigator®

A proven triage solution to identify conclusive evidence immediately

 

tinv boxForensic backlogs are reaching unprecedented levels and are a significant threat facing the digital forensic community today. Justice departments worldwide are recognizing that there is an urgent need to allow trained investigators to collect immediate evidence by triaging suspect computers in the field.

Triage-Investigator is the most comprehensive tool available today for non-technical users to triage suspect computers. The tool is a must-have for all investigators, child protection officers, border agents, and IT professionals.

 

 

Easy to Use, USB Deployment, View Results Instantly

Triage-Investigator is executed directly on the suspect computer with no user interaction. Triage-Investigator utilizes the computer as a review station to display the results in real time.

rv1

 

Using Triage-Investigator

Prior to running a triage scan, users select the Search Profile corresponding to the information they need to collect and the evidence to search for on the suspect computers. Search Profiles can also be modified to include case-specific information. The Triage Key is then prepared in just one click. The scan is executed on a powered-on (live) or powered-off (boot) computer with the Triage Key and the Authentication Key (license).

steps

 

Download Powerful Law Enforcement SearchPaks®

The forensic triage community is actively sharing powerful SearchPaks created by major law enforcement agencies, including Immigration and Customs Enforcement (ICE) and the Federal Bureau of Investigation (FBI).

 

 

Key Savings

  • Avoid forensic delays and process cases faster
  • Avoid collecting unnecessary computers in the field
  • Allow forensic examiners to focus on critical tasks
  • Run multiple triage scans in parallel with a single license key
  • Key Benefits
  • Simple USB deployment
  • Automated and forensically sound process
  • Download powerful SearchPaks® created by law enforcement agencies
  • Define keywords to identify conclusive evidence quickly
  • Search and immediately review evidence
  • Forensic examiners can control triage scans

SearchPak®
Features

  • Identify all file types, including indecent images, videos, e-mail, MS Office documents, and archive files
  • File identification includes keywords, hash values, regular expressions, and image signatures
  • Import existing hash and keyword lists

Key Search Features

  • Target areas of recent activity on suspect computer
  • Target scan to specific file types and precise locations for faster scans
  • E-mail analysis (.pst, .ost)
  • Recover and search deleted files
  • Full Unicode support

CapturePak™

  • Installed applications
  • History of attached devices
  • General system information
  • Internet browsing history
  • Internet search history
  • Internet cookies
  • Networking information
  • User profiling information
  • Chat logs
  • State of drive encryption
  • Google Map artifacts
  • Password information
  • Windows encryption keys (live)
  • Dynamic memory (live)
  • Screenshot of all applications (live)
  • Clipboard (live)
  • And more ...

Supported Devices and Systems

  • Live scan of 32-bit and 64-bit versions of Windows XP, Vista, 7, Server 2003, and Server 2008
  • Boot scan of 32-bit and 64-bit Intel compatible computers (Windows, Linux, and Macintosh)
  • FAT, NTFS, EXT2, EXT3, HFS, and HFS+ file systems
  • Removable media (USB and FireWire hard drives, memory cards, etc.)

Contact Us | News | Jobs

Copyright © 2010 ADF Solutions Inc. - All Rights Reserved.