• Abstract and Figures
• Public Full-text

X-Ways Software Technology AG X-Ways Forensics/ WinHex Integrated Computer Forensics Environment. Data Recovery & IT Security Tool. Hexadecimal Editor for Files, Disks & RAM. Manual Copyright © 1995-2014 Stefan Fleischmann, X-Ways Software Technology AG. All rights reserved. Contents 1 Preface ..................................................................................................................................................1 1.1 About WinHex and X-Ways Forensics.........................................................................................1 1.2 Legalities.......................................................................................................................................2 1.3 License Types ...............................................................................................................................2 1.4 Differences between WinHex and X-Ways Forensics..................................................................3 1.5 Getting Started with X-Ways Forensics........................................................................................4 2 Technical Background ........................................................................................................................5 2.1 Using a Hex Editor........................................................................................................................5 2.2 Endian-ness...................................................................................................................................6 2.3 Integer Data Types........................................................................................................................6 2.4 Floating-Point Data Types ............................................................................................................7 2.5 Date Types ....................................................................................................................................7 2.6 ANSI ASCII/IBM ASCII..............................................................................................................8 2.7 Checksums ....................................................................................................................................9 2.8 Digests ........................................................................................................................................10 2.9 Attribute Legend .........................................................................................................................10 2.10 Technical Hints ...........................................................................................................................11 3 User Interface.....................................................................................................................................12 3.1 Overview.....................................................................................................................................12 3.2 Start Center .................................................................................................................................13 3.3 Directory Browser.......................................................................................................................13 3.3.1 General Description................................................................................................................13 3.3.2 Virtual Objects........................................................................................................................15 3.3.3 Options ...................................................................................................................................16 3.3.4 Filters......................................................................................................................................19 3.3.5 Columns and Column-based Filters........................................................................................21 3.4 Mode Buttons..............................................................................................................................28 3.5 Status Bar....................................................................................................................................31 3.6 Data Interpreter ...........................................................................................................................32 3.7 Position Manager ........................................................................................................................33 3.8 Useful Hints ................................................................................................................................33 4 Menu Reference .................................................................................................................................34 4.1 Directory Browser Context Menu...............................................................................................35 4.2 Data Window Context Menu ......................................................................................................42 4.3 File Menu....................................................................................................................................43 4.4 Edit Menu ...................................................................................................................................45 4.5 Search Menu ...............................................................................................................................46 4.6 Navigation Menu ........................................................................................................................47 4.7 View Menu..................................................................................................................................48 4.8 Tools Menu .................................................................................................................................50 4.9 File Tools ....................................................................................................................................52 4.10 Specialist Menu...........................................................................................................................54 4.11 Options Menu .............................................................................................................................56 4.12 Window Menu ............................................................................................................................57 4.13 Help Menu ..................................................................................................................................57 4.14 Windows Context Menu .............................................................................................................58 5 Forensic Features...............................................................................................................................58 5.1 Case Management.......................................................................................................................58 II 5.2 Multi-User Coordination For Large Cases..................................................................................60 5.3 Evidence Objects ........................................................................................................................64 5.4 Case Log .....................................................................................................................................65 5.5 Case Report.................................................................................................................................66 5.6 Report Tables..............................................................................................................................67 5.7 Internal Viewer ...........................................................................................................................69 5.8 Registry Report ...........................................................................................................................71 5.9 Simultaneous Search...................................................................................................................73 5.10 Logical Search ............................................................................................................................74 5.11 Search Hit Lists...........................................................................................................................78 5.12 Search Term List.........................................................................................................................79 5.13 Event Lists ..................................................................................................................................81 5.14 File Type Categories.txt..............................................................................................................83 5.15 Hash Database.............................................................................................................................84 5.16 Time Zone Concept.....................................................................................................................86 5.17 Evidence File Containers ............................................................................................................87 5.18 Related Items ..............................................................................................................................89

Load more

  10

Copy Link