Belkasoft Evidence Center 8.5 Offers Advanced Mobile Forensics and RAM Analysis

Share Article

Belkasoft rolls out an update to Belkasoft Evidence Center 2018. The new release delivers major improvements in the areas of live memory analysis and volatile evidence acquisition, improved mobile forensics with Android 7 support, and support for wallet apps of two popular crypto-currencies Bitcoin and Ethereum.

Belkasoft updates Belkasoft Evidence Center 2018 with multiple improvements, offering live memory analysis and malware detection for Windows 10 RAM dumps and enhancing support for Android physical acquisition. Belkasoft’s digital forensic suite now supports wallet apps for two of the most popular crypto-currencies Bitcoin and Ethereum, allowing experts to analyze transaction made with those crypto-currencies.

In addition, Belkasoft Evidence Center 2018 brings support for the latest mobile apps, technologies and operating systems up to date. iCloud backup downloader now supported for all versions of iOS up to and including iOS 11, while logical acquisition of Android devices now supports Android 7 Nougat.

“Evidence Center is a well-established digital forensic tool”, says Yuri Gubanov, Belkasoft CEO. “In this release, we are bringing the tool in sync with the latest desktop and mobile operating systems, apps and cloud services. We have also started to recognize the importance of digital crypto-currencies, allowing investigators to access transaction data in Bitcoin and Ethereum wallets.”

Carving for Volatile Evidence: Full Windows 10 Support

Belkasoft pioneered volatile evidence carving in Evidence Center quite some years ago. The technology works by analyzing volatile memory (RAM) dumps captured from live systems, enabling the discovery of essential evidence among the highly fragmented memory dump by analyzing and reconstructing the page tables.

Up until now, the ability to carve evidence was limited to memory dumps obtained from systems running Windows 7 and older. In this release, Belkasoft Evidence Center 8.5 brings the signature carving feature to the next level, adding full support for memory dumps obtained from computers running all versions of Windows 10. With Windows 10 now running on some 43 per cent of compatible Windows devices, there could be no better time to introduce this feature.

In addition, the revamped analysis module now offers new process extraction and visualization options, allowing experts to quickly review process that were running on the system being investigated.

Logical and Over-the-Air Acquisition Now Support iOS 11

Belkasoft Evidence Center 8.5 brings support for logical and over-the-air acquisition of iPhone and iPad devices running iOS 11. For iOS devices, Belkasoft Evidence Center 8.5 supports logical acquisition through iTunes backups as well as over-the-air extraction from iCloud. Version 8.5 brings support for the latest changes in Apple iCloud, allowing experts to download and analyze backups produced by iOS 11 devices.

Digital Wallet Support for Crypto-Currencies

In the world of traditional forensics, a digital wallet is an app that stores information about the user’s payment methods, discount and loyalty cards. The raise of crypto-currencies such as Bitcoin and Ethereum has changed that perception. A digital wallet now keeps the actual money, and stores information about the user’s financial transactions.

Evidence Center 8.5 adds support for crypto-currency wallets Bitcoin, Armory, and Jaxx, and supports two of the most popular crypto-currencies: Bitcoin and Ethereum.

About Belkasoft Evidence Center

Belkasoft Evidence Center is a world-renowned tool used by thousands of customers for conducting computer and mobile forensic investigations. Belkasoft Evidence Center can automatically discover, extract and analyze evidence from a wide range of sources including computer hard drives and disk images in all popular formats, memory dumps, mobile backups and chip-off dumps. The tool can capture and analyze volatile evidence stored in the computer’s RAM, identify encrypted files, carve Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos. The ability to process office documents in a wide range of formats enables investigators to perform near-instant full-text search among all the documents discovered on the suspect’s PC.

Low-level access to hard disk and system structures means that even data that has been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux, Android and Mac OS X file systems, natively mounting images created in EnCase, FTK, X-Ways, DD and SMART formats, UFED and chip-off binary dumps, and many popular virtual machines without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.

About Belkasoft

Founded in 2002, Belkasoft is a global leader in digital forensics technology, known for their sound and comprehensive forensic tools. With a team of professionals in digital forensics, data recovery and reverse engineering, Belkasoft focuses on creating technologically advanced yet easy-to-use products for investigators and forensic experts to make their work easier, faster, and more effective.

With this focus in mind, Belkasoft introduces their flagship product, Belkasoft Evidence Center – an easy-to-use, integrated solution for collecting and analyzing digital evidence from mobile and computer devices. Customers in law enforcement, police, military, business, intelligence agencies, and forensic laboratories in 70+ countries worldwide use Belkasoft Evidence Center to fight homicide, crimes against children, drug trafficking, data leakage, fraud, and other online and offline crimes.

Belkasoft US is located at 1016 Middle Ave #6, Menlo Park CA 94025.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Yuri Gubanov
Belkasoft
+7 9119211201
Email >
Visit website