Monthly Archives: August 2013

Conference in Italy

Belkasoft will be present at the “Forensic meeting” in Roma and Milan on Sep, 11-12. Nikita will have a speech on latest Belkasoft developments in the area of computer forensic analysis.

See more details on the event at http://www.4n6.it/en/news.php. Looking forward to meet our Italian customers!

Detecting Forged (Altered) Images

Are digital images submitted as court evidence genuine or have the pictures been altered or modified? We developed a range of algorithms performing automated authenticity analysis of JPEG images, and implemented them into a commercially available forensic tool. The tool produces a concise estimate of the image’s authenticity, and clearly displays the probability of the image being forged. This paper discusses methods, tools and approaches used to detect the various signs of manipulation with digital images.


How many kittens are sitting on the street? If you thought “four”, read along to find out!

The full article is available at Belkasoft Web site. Read the full article

Belkasoft Products Appear in Guidance EnCase AppStore, Two New Editions Introduced

Great news! We’re proud to announce yet another step leading to a tighter partnership with Guidance Software. Our entire product line is now officially integrated with Guidance EnCase, and appears in EnCase App Central. We view the tight integration with Guidance EnCase and the acceptance in EnCase App Central as a quality seal for our products. Our forensic tools enjoy continuous success among EnCase users. We’re looking forward for more EnCase customers to use our software.

We have also introduced two new editions of Belkasoft Evidence Center. The new entry-level edition is called Belkasoft Chat Analyzer. The other edition is called Belkasoft Chat & Social Analyzer. Belkasoft Chat Analyzer will cost EnCase users some $199, while Chat and Social Analyzer is $499. Belkasoft Chat Analyzer is identical, feature wise, to Belkasoft’s entry-level edition called Forensic IM Analyzer (regularly priced at $499.95), while Chat and Social Analyzer integrates the ability to carve hard drives, drive images and memory dumps (via Live RAM analysis) for remnants of chats and communications carried over a variety of applications such as instant messengers and social media (Facebook, Twitter etc.) At $499, Chat and Social Analyzer offers EnCase users more features than similarly priced Belkasoft’s entry-level edition.

The rest of the lineup (Professional and Forensic Studio Ultimate) is also published at EnCase App Central and is unchanged.

Belkasoft Evidence Center is available on EnCase App Central in four versions:

  • Chat Analyzer ($199)
  • Chat and Social Analyzer ($499)
  • Professional ($799)
  • Ultimate ($1,099)

You can read more on Belkasoft Evidence Center and download the free demo version at our Web site: http://belkasoft.com/

Read full press-release: Belkasoft Guidance AppCentral PR.pdf

Evidence Center 5.4 is out

We finally released this long-awaited update. We spent a lot of time developing, testing and improving this release. Well, it’s here now! Version 5.4 offers a host of new features, functionality and usability improvements, easily becoming the best Evidence Center so far. We’ve added faked image detection, recovery of destroyed SQLite evidence, Timeline view and much more!

What’s New in Belkasoft Evidence Center 5.4

Version 5.4 is an important major release, adding a wide range of new features. At a glance:

  • Forgery Detection plugin automatically identifies images that’ve been altered or modified since they left the camera;
  • Analysis of fragmented memory sets improves Live RAM analysis. It decomposes and reassembles memory snapshots to extract recently viewed JPEG images even if they are scattered around the memory dump;
  • Timeline adds a convenient aggregated view of user activities and system events;
  • Native SQLite database parsing with freelist support helps recover destroyed evidence such as cleared Skype histories;
  • Windows Registry support automatically locates and parses registry hives, extracting many types of valuable evidence.

Continue reading