- Window 8 Search History Extractor When you use the Window 8 search box to conduct searches, the system will automatically remember each search term.
- Orion USB Write Blocker Orion USB Write Blocker is a software program that allows the user to either enable write protection for all USB devices that are connected to the computer or block USB devices completely.
- VSS Unlock VSS Unlock allows a user to copy system protected files and files that have been locked by other processes. The user has the option to copy a single file or a directory containing locked files.
Free Trial forensic tools available for download
Blockchain Detective is a low cost investigation software tool which is ideal for investigators either on a small budget, only occasionally deal with cryptocurrency investigations or deal with small size cryptocurrency/asset type investigations.
Blockchain detective has been created by Orion’s Director of Computer Forensics Services Andrew Smith. Utilizing publicly accessible blockchain explorer API’s, Blockchain Detective allows investigators to quickly download transactions for multiple blockchains. Blockchain Detective automatically generates an easy to follow visualization of the transactions, allowing investigators to easily follow the flow of crypto from one address to the next. Exchange addresses are automatically highlighted and all data can be easily saved into a SQLite database or exported out for easy inclusion into the investigators reports.
Blockchain currently supports the following blockchains:
- AVAX – Avalanche (C-Chain)
- BNB – BEP2/BEP20
- BTC – base58 or hash160
- ETH – Ethereum
- MATIC – Polygon (MATIC PRC20)
- Tron – TRX10/TRX20
Free forensic tools available for download
- MemGator 3.1.0 – MemGator is a memory file analysis tool that automates the extraction of data from a memory file and compiles a HTML report for the investigator.
- LiveGator – Orion Forensics have released LiveGator, an incident response tool that automates the collection of data from live computers.
- USB Forensic Tracker USB Forensic Tracker (USBFT) is a comprehensive forensic tool that extracts USB device connection artefacts from a range of locations within the live system, from mounted forensic images, from volume shadow copies, from extracted Windows system files and from both extracted Mac OSX and Linux system files. USBFT has the ability to mount forensic images and volume shadow copies.
- NTFS Journal Viewer NTFS Journal Viewer NTFS Journal Viewer (JV) is a portable tool that extracts and parses the NTFS change journal ($UsnJrnl) file. The change journal is a file that records when changes are made to files and directories and therefore can provide a wealth of information for the forensic investigator.
If you have any questions please email us at firstname.lastname@example.org
03/02/2012 What is Computer Forensics
09/01/2012 What is Computer Forensics (THAI)
General Forensics Papers
A series of articles aimed at raising the awareness of computer forensics in Thailand. The articles are intended for managers, lawyers and IT staff.
09/02/2023 Responding to a Ransomware Attack
27/05/2021 Keeping your Cryptocurrencies Safe
28/02/2014 Microsoft Windows 10 USB Forensic Artefacts
12/03/2012 Using_Digital_Evidence_in_Thai_Courts (THAI)