AccessData - Forensic Analysis Software

Introducing a new breed of forensic tool that combines the ease of use you've come to expect from AccessData with a whole new level of scale, processing power and depth of analysis.  With a number of game features, FTK2.0 delivers an investigative experience second to none.........

Integrated Solution

AccessData has done away with the need to purchase multiple tools to complete a case using FTK1.  Now, with a single solution you can create an image, view the registry, conduct an investigation, decrypt files, crack passwords, and build a report.

Integrated Database

You no longer need to suffer from the countless application crashes, lost work and general product instability that plague other solutions due to memory issues.  FTK2.0 is the first and only forensic solution to fully leverage an integrated Oracle database, enabling it to scale and support the largest and most complex investigations - without all the bugs.

Decryption & Passwords Cracking

Now, a standard component of every copy of FTK, AccessData's code breaking capability enables password recovery from more than 80 applications.  You can also harness idle CPU's on your network to decrypt files and perform, robust dictionary attacks.

AccessData Enterprise is a powerful, enterprise-scale investigative solution built on the forensic technology of Forensic Toolkit 2.0 (FTK). With an integrated Oracle database on the backend, true multi-processor support and robust processing capabilities, AD Enterprise is the most powerful investigative solution on the market. It is capable of handling larger data sets than other investigative solutions and processes data at greater speeds. 

AccessData Enterprise gives you visibility into data and systems across your enterprise. It enables you to proactively or reactively locate, preserve and contain confidential and personal data leakage, as well as address the most sensitive employee issues. 

Recover Passwords Quickly and Easily 

The AccessData Password Recovery Toolkit (PRTK™) gives you the ability to recover passwords from well-known applications. The PRTK can analyse an entire hard drive to locate encrypted and password protected files. Easily generate reports listing protected file information and their corresponding passwords. Each PRTK includes a licence disk, which restricts unauthorised use.

Putting Idle Time To Work

Distributed Network Attack (DNA) is a new approach to recovering password protected files. Instead of limiting the recovery by the processing power of one PC, DNA uses the power of machines across your local or world wide network to decrypt passwords.

Analyze & Decrypt Registry Data

Registry Viewer gives you the ability to view independent Windows Registry files. Registry Viewer provides access to "Protected Storage System Provider" information, which contains e-mail and Internet passwords, settings and search terms.

What are they and How do they help? 

A 40 bit encryption algorithm has slightly more than one trillion keys available.  A brute force attack of 500,000 keys per second would take approximately 25 days to exhaust the key space using a single 3 Ghz Pentium computer. 

With a Rainbow Table, a 40-bit encrypted file can be decrypted in seconds rather than days or weeks.  Each of our three different Rainbow Tables (MS Office for Word and Excel files, Adobe Acrobat for PDF files, and a table which allows you to recover Windows login passwords from LAN hash) are three terabytes in size.  The first two tables provide a decryption key with which to open an encrypted file; the third table provides the actual password.