DOCSLIB.ORG

X-Ways Forensics/ Winhex

X-Ways Forensics/ Winhex

X-Ways Software Technology AG X-Ways Forensics/ WinHex Integrated Computer Forensics Environment. Data Recovery & IT Security Tool. Hexadecimal Editor for Files, Disks & RAM. Manual Copyright © 1995-2014 Stefan Fleischmann, X-Ways Software Technology AG. All rights reserved. Contents 1 Preface ..................................................................................................................................................1 1.1 About WinHex and X-Ways Forensics.........................................................................................1 1.2 Legalities.......................................................................................................................................2 1.3 License Types ...............................................................................................................................2 1.4 Differences between WinHex and X-Ways Forensics..................................................................3 1.5 Getting Started with X-Ways Forensics........................................................................................4 2 Technical Background ........................................................................................................................5 2.1 Using a Hex Editor........................................................................................................................5 2.2 Endian-ness...................................................................................................................................6 2.3 Integer Data Types........................................................................................................................6 2.4 Floating-Point Data Types ............................................................................................................7 2.5 Date Types ....................................................................................................................................7 2.6 ANSI ASCII/IBM ASCII..............................................................................................................8 2.7 Checksums ....................................................................................................................................9 2.8 Digests ........................................................................................................................................10 2.9 Attribute Legend .........................................................................................................................10 2.10 Technical Hints ...........................................................................................................................11 3 User Interface.....................................................................................................................................12 3.1 Overview.....................................................................................................................................12 3.2 Start Center .................................................................................................................................13 3.3 Directory Browser.......................................................................................................................13 3.3.1 General Description................................................................................................................13 3.3.2 Virtual Objects........................................................................................................................15 3.3.3 Options ...................................................................................................................................16 3.3.4 Filters......................................................................................................................................19 3.3.5 Columns and Column-based Filters........................................................................................21 3.4 Mode Buttons..............................................................................................................................28 3.5 Status Bar....................................................................................................................................31 3.6 Data Interpreter ...........................................................................................................................32 3.7 Position Manager ........................................................................................................................33 3.8 Useful Hints ................................................................................................................................33 4 Menu Reference .................................................................................................................................34 4.1 Directory Browser Context Menu...............................................................................................35 4.2 Data Window Context Menu ......................................................................................................42 4.3 File Menu....................................................................................................................................43 4.4 Edit Menu ...................................................................................................................................45 4.5 Search Menu ...............................................................................................................................46 4.6 Navigation Menu ........................................................................................................................47 4.7 View Menu..................................................................................................................................48 4.8 Tools Menu .................................................................................................................................50 4.9 File Tools ....................................................................................................................................52 4.10 Specialist Menu...........................................................................................................................54 4.11 Options Menu .............................................................................................................................56 4.12 Window Menu ............................................................................................................................57 4.13 Help Menu ..................................................................................................................................57 4.14 Windows Context Menu .............................................................................................................58 5 Forensic Features...............................................................................................................................58 5.1 Case Management.......................................................................................................................58 II 5.2 Multi-User Coordination For Large Cases..................................................................................60 5.3 Evidence Objects ........................................................................................................................64 5.4 Case Log .....................................................................................................................................65 5.5 Case Report.................................................................................................................................66 5.6 Report Tables..............................................................................................................................67 5.7 Internal Viewer ...........................................................................................................................69 5.8 Registry Report ...........................................................................................................................71 5.9 Simultaneous Search...................................................................................................................73 5.10 Logical Search ............................................................................................................................74 5.11 Search Hit Lists...........................................................................................................................78 5.12 Search Term List.........................................................................................................................79 5.13 Event Lists ..................................................................................................................................81 5.14 File Type Categories.txt..............................................................................................................83 5.15 Hash Database.............................................................................................................................84 5.16 Time Zone Concept.....................................................................................................................86 5.17 Evidence File Containers ............................................................................................................87 5.18 Related Items ..............................................................................................................................89

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    10 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us