The new Belkasoft Triage T release is focused on getting administrative rights in the event you are logged in as a non-privileged user.
With the help of the new version of Belkasoft T, you can try elevating your user rights from that of a standard user to that of an admin user, by exploiting some methods available for the following versions of Microsoft Windows operating systems:
- Windows 10 1803: all builds up to 17134.1967 (included), before the update on Feb 9, 2021
- Windows 10 1809: all builds up to 17763.1728 (included), before the update on Feb 9, 2021
- Windows 10 1903: all builds
- Windows 10 1909: all builds up to 18363.1350 (included), before the update on Feb 9, 2021
- Windows 10 2004: all builds up to 19041.789 (included), before the update on Feb 9, 2021
- Windows 10 20H2: all builds up to 19042.789 (included), before the update on Feb 9, 2021
Belkasoft announces the release of v.1.12 of Belkasoft X. The new version introduces:
- Massive update of file-based decryption
- SQLite forensics improvements based on NIST testing of Belkasoft X
- iOS agent-based and checkm8-based acquisition improvements
- New powerful eDiscovery features
- Semantics 21 integration
- Multiple performance improvements
- New and updated artifacts for mobile and computer sources
Belkasoft invites you to the fourth CTF challenge. The 'Kidnapper Case' BelkaCTF is planned for March 11-12. Test yourself in a close-to-real-life example and solve a complicated DFIR case.
Belkasoft releases a fix for log4j vulnerability, contained in ElasticSearch used by Belkasoft X. The build 1.11.9199 is made available under your Customer Portal account. Trial version is updated, too.
Belkasoft announces the release of v.1.11 of Belkasoft X. The new version introduces:
- iCloud backup downloads are supported, including 2FA support
- Cloud support massively updated, including Google clouds, Gmail, WhatsApp, and Office 365, 2FA supported where it was not previously
- Volume Shadow Copy analysis massively improved
- Facebook secret chats decryption supported
- Wickr, Signal, and other iOS apps: support for decryption with keychain extracted with a third-party tool
- New system artifacts added for Linux
- And even more features
Belkasoft announces the appointment of Arvinder Singh Garcha as Vice President of Channel & Alliances. In this role, Arvinder will be driving Belkasoft's global channel strategy, leading towards continued growth and supporting Belkasoft's partner community.
"Arvinder knows everyone, and everyone knows Arvinder in the industry of digital forensics and incident response," says Yuri Gubanov, CEO and Founder of Belkasoft. "Having him onboard will definitely bring our partner care on a new level, what eventually will have a great positive impact to our customers."
Find more information here.
Belkasoft has just released an update for Belkasoft's triage product, which features the performance gain and number of improvements, requested by the first users of the product.
Particularly, we supported HTML report creation which conveniently shows all files exported by a user to a TAR image including its file system dates (NTFS times, too). The report will also be useful for non-technical users who do not have tools to review TAR.
Find more information on Belkasoft T capabilities here.
Belkasoft announces the release of v.1.10 of Belkasoft X. An exciting version 1.10 introduces:
- MFT and Alternate Data Streams viewers
- Android screen capturing for any application
- Reworked mobile acquisition flow
- Microsoft Office 365 cloud support
- Further improvements in iOS agent-based acquisition
- And even more features...
We are happy to announce that Belkasoft Incident Investigations (Belkasoft N) is released. Belkasoft N is aimed at incident response professionals, working in a corporate environment. The product helps to identify traces left over from malware and hacking attempts on a Windows computer.
Attend a webinar on the new Belkasoft N with Belkasoft CEO, Yuri Gubanov and learn about key features, advantages, and 'how it works' details.
The webinar will take place on September 7. Reserve your spot now.
Recently Belkasoft team released Belkasoft Triage, a new DFIR tool developed specifically for a quick analysis of a live computer and making a partial image of important data. We didn't intend to provide Belkasoft T trial, but a lot of customer requests have changed our plans. Now one can try Belkasoft T for free.
Why should you test Belkasoft T?
- It is easy-to-use
- No installation is required
- Quick and smart
- Easy configuration
- Compatibility with Belkasoft X for a deeper analysis
Request Belkasoft T trial now at belkasoft.com/get.
Belkasoft announces a new release of Belkasoft X. Version 1.9 introduces:
- Two new Android acquisition methods, namely Android Screen Capture and Android Advanced ADB
- Support for encrypted ADB backups
- APK downgrade improvements
- iOS agent-based acquisition fixes for iOS v.11.2.*
- Support for Belkasoft T images analysis, and other improvements.
We are happy to announce that Belkasoft Triage (Belkasoft T) is released. Belkasoft T is a new digital forensic and incident response tool developed specifically for a quick triage of a live computer. It allows you to locate important data and, if needed, to create a partial image of selected evidence.
Attend a webinar on the new Belkasoft T with Belkasoft CEO, Yuri Gubanov and learn about key features, advantages, and 'how it works' details.
The webinar will take place on August 12. Reserve your spot now.
Belkasoft announces a new release of Belkasoft X. Version 1.8 of Belkasoft X introduces:
- Massive improvements in the Android APK downgrade method
- Android SD card acquisition support
- Two-factor authentication support for iCloud download
- The possibility to re-attach a data source
- Crypt14 decryption for WhatsApp, and other improvements.
Belkasoft invites you to the third CTF challenge. The "Meet The Boss" BelkaCTF is planned for June 18-19. There will be two tracks: one for professionals and the other one for students.
The ultimate fight with drug dealers depends on you, brave DFIR warriors!
checkm8-based full file system iOS acquisition built in Belkasoft X supports the newest iOS 14.6. Thus, the versions supported are 12.0-14.6.
Belkasoft is extremely proud to be nominated to the finals of prestigious Forensic 4:cast Awards 2021. Thank you all for your support!
Please vote now for Belkasoft X as DFIR Commercial Tool and for Belkasoft as DFIR Team of the Year in the final voting. Vote here
Belkasoft announces a new release of Belkasoft X. Version 1.7 of Belkasoft X introduces:
- Spreadtrum acquisition
- Grouping similar faces found in pictures
- Decryption of Signal backups on Android
- Support for MacQuisition APFS T2 images, and other improvements.
We are happy to announce that Belkasoft Remote Acquisition (Belkasoft R) is officially released.
Among the key benefits:
- Easy to deploy endpoints
- Support for both Windows and macOS operating systems
- Support for Android and iOS remote imaging
- Support for various network configurations and VPNs
Belkasoft invites you to the second CTF challenge. The new CTF will be a part of our BelkaDay America digital forensics and incident response conference which is going to take place on May 14 and 15.
You need to prove or disprove the involvement of the suspect in activities related to drug trafficking. There will be two tracks: one for professionals and the other one for students.
BelkaDay America is scheduled for May 14-15. Save the date!
The first two Belkasoft online conferences united hundreds digital forensic experts from law enforcement and corporate.
Belkasoft team and our partners are preparing inspiring sessions for you. What’s more, we have invited special guests to speak on hot topics!
You may also want to share your expertise and submit your presentation on Digital Forensics or Incident Response.
Check the detailed agenda and reserve your spot for the event.
Belkasoft is proud to be named one of finalists at SC Awards 2021 for the Best Computer Forensic Solution nomination. This is one more proof of the high quality of our new DFIR Belkasoft X product and recognition of our efforts making one of the world's best DFIR tools.
Please also support us at the Forensic 4:cast Awards at https://forensic4cast.com/forensic-4cast-awards
Belkasoft announces a new release of Belkasoft X. Version 1.6 of Belkasoft X introduces:
- Wickr Me decryption and analysis for all platforms including Android, iOS, Window and Linux
- APK downgrade for Firefox, Puffin, TikTok, OneDrive and ICQ
- Support for images of the newly released Belkasoft R[emote Acquisition] product
- iOS agent-based acquisition for iOS 14, and other improvements.
We are happy to announce the launch of Belkasoft Remote Acquisition (Belkasoft R), a DFIR tool for remote extraction of hard and removable drives, RAM, connected mobile devices, and specific types of data.
Belkasoft R will be useful in cases when an incident response analyst or a digital forensic investigator needs to gather evidence quickly and the devices in question are situated in geographically distributed locations.
Read more and be the first to try a beta version
Belkasoft announces a new release of Belkasoft X. Version 1.5 of Belkasoft X introduces:
- WhatsApp downloading with QR code
- Mounting and analysis of UFD with .DAR
- More Google cloud and macOS artifacts, and other improvements.
BelkaDay Europe digital forensics conference is almost here!
During the conference, there will be presentations by Belkasoft developers, invited digital forensics experts, networking, and CTF competition. Little time left. Check the whole agenda and register here
Belkasoft announces a new release of Belkasoft X. Version 1.4 of Belkasoft X introduces:
- iOS crash log extraction
- .DAR image support
- More macOS artifacts, cloud acquisitions features, and other improvements.
This year we have decided to conclude the BelkaDay Europe virtual conference with the exciting challenge: individual “capture the flag” forensic competition.
This is a great opportunity to utilize knowledge you got during the conference.
We prepared a close to real life case, which you will solve by means of Belkasoft X.
Feel excited? Register here and read the instructions carefully.
Good luck to all the participants of the CTF challenge!
Belkasoft announces a new release of Belkasoft X. Version 1.3 of Belkasoft X introduces:
- Acquisition of Android devices using EDL mode
- APK downgrade support
- A number of other major improvements, including new Mac system files, long-awaited font size selection, additional video formats and so on.
BelkaDay Europe virtual conference is back in 2021. The event will be held on March 15th. Save the date!
A year ago, BelkaDay conference united about one hundred digital forensic experts from law enforcement and corporate all over the world. This year we expect even more participants and even more networking opportunities!
Belkasoft team and our partners are preparing inspiring sessions for you. What’s more, we have invited special guests (widely known in a digital forensic world!) to speak on hot topics! The detailed agenda for the BelkaDay conference will be available soon.
Meanwhile, reserve your spot for the event.
You may also want to share your expertise and submit your presentation on Digital Forensics or Incident Response.
Belkasoft announces a new release of Belkasoft X. The version 1.2 of Belkasoft X introduces:
- Logical acquisition of rooted Android devices (in addition to physical acquisition).
- Full file system iOS acquisition using checkm8 method updated for iOS 14.3 and 14.4
- iOS СhatSecure and Snapchat applications analysis support
- Notifications and netconfig analysis for macOS
- A number of issues fixed and improvements made
Belkasoft X supported a new method of acquiring MTK-based Android devices.
In the latest update in Belkasoft Evidence Center X, we supported agent-based MTK acquisition. It allows you to get an unencrypted copy of the device's file system and create a physical image through this method.
The new release also includes multiple bugfixes and artifacts, including custom jumplists, password extraction from new Chrome versions, SQLite freelist improvements, and many more.
You can find the full list of improvements and supported Android device models here.
Belkasoft announces a new minor release of Belkasoft X.
We start the new year with the latest update of our product. In this version network licenses are improved.
Don’t hesitate to install it.
Belkasoft announces a new release of Belkasoft X.
Now, all versions from iOS 10 to 13.7 are supported for the agent-based acquisition, including both acquisition of a full file system image and a keychain extraction (with an exception of 6S and SE 1st gen models).
Processing of large APFS images has been improved so more artifacts are found now. A number of new features has been added.
Find more information in the complete "What's New".
We are happy to announce the launch of Belkasoft Evidence Center X! With this upgraded product, you get to simplify your workflow while enhancing productivity.
We implemented thousands of customer requests, and the result is a modern and easy-to-use product. Be the first to enjoy powerful features such as video forensics, iOS knowledgeC parsing, AFF4 and ProjectVic support and all other improvements.
Read more about new features.
Belkasoft now supports checkm8-based acquisition of iOS 14-14.2 for iPhone 7 and 7+ models (and corresponding iPad models). The update is provided in Belkasoft X only. To get a pre-release version today, send a request to firstname.lastname@example.org
Are you a fun of Halloween? Belkasoft offers you a unique version of Belkasoft X: Belkasoft X Halloween edition (the one which our CEO has shown in the recent Forensic Lunch). You can buy this edition for the limited time until the midnight of November 1st!
Contact email@example.com to learn more.
Belkasoft Evidence Center 9.9 now supports checkm8-based acquisition for iOS 14 and available for iPhones 6S, 6S Plus and iPhone SE (1st gen).
Customers with valid licenses can download the update from the Customer Portal. Read more...
Belkasoft announces the launch of the new product—Belkasoft Evidence Center X (BEC X), a reliable end-to-end solution designed to accelerate digital forensics investigations. BEC X encompasses hundreds of man-years of research and development, thousands of customers' suggestions and feature requests, numerous usability studies and complete visual redesign.
Currently, BEC X is available as a beta-version to a restricted audience.
checkm8-based full file system iOS acquisition built in Belkasoft Evidence Center supports the newest iOS 13.6. Thus, the versions supported are 12.3-13.6.
Belkasoft Evidence Center with checkm8 now supports lifting USB restricted mode. Starting build 5401 of Belkasoft version 9.9800, the product gets past the restrictions automatically during the acquisition process.
Good news: checkm8-based full file system iOS acquisition built in Belkasoft Evidence Center perfectly works with the newest iOS 13.5. Thus, versions supported are 12.3-13.5.
The new Belkasoft Evidence Center v.9.9800 build 5195 features agent-based iOS full file system acquisition on a broader range of iOS versions and devices. This method is a great complementary approach to our checkm8-based acquisition since it covers even devices and iOS versions which are not vulnerable to checkm8. Particularly, you can acquire iPhone XS and XR, 11, some iPads etc.
Belkasoft is extremely proud to be one of the three nominees of DFIR Commercial Tool of the Year at the Forensic 4:Cast Awards. Thank you all for your support!
Please vote now for Belkasoft Evidence Center as DFIR Commercial Tool in the final voting at https://forensic4cast.com/forensic-4cast-awards/2020-forensic-4cast-awards
Belkasoft transfers its BelkaDay events into a virtual format.
Meet Belkasoft team, its partners and European peers during BelkaDays Europe – Online Digital Forensics Conference on April 20-21, 2020.
- Hot digital forensics content: listen our team’s lectures and learn from experts at Group IB, Passware, Elcomsoft.
- Online networking: communicate with your colleagues from all European countries.
- Get the most staying safe at home: event streaming to all types of devices, including the official mobile application for networking.
The conference program is intended for 2 days and contains:
Day 1: New challenges: What is expected from a modern forensic tool?
Day 2: What LE wants to learn: What makes a training useful?
Sign up for online BelkaDay to attend sessions on hot digital forensics topics. Read more
iOS 13.4 is supported by Belkasoft within its checkm8-based full file system copy feature.
It makes Belkasoft the only digital forensic tool in the world having this feature. Read more
Great news! Belkasoft supports keychain extraction from iOS devices. In addition, Signal iOS app decryption is supported.
The new feature is available in Belkasoft Evidence Center v.9.9800.4928 with checkm8. Keychain is extracted either in the process of iPhone acquisition using #checkm8 method built-in Evidence Center or, if you have a jailbroken iPhone, keychain will also be extracted no matter what jailbreak was used.
The Signal chat extraction and decryption are based on acquired keychain data.
checkm8-based acquisition is supported in Belkasoft v.9.9800. Read more
Evidence Center 2020 v.9.9 is out!
The version 9.9 of Belkasoft Evidence Center mostly focuses on two major improvements: analysis of GrayKey images and zip containers as a whole, and carving performance. The speed of artifact and file carving is now as quick as never before. Apart from it: dozens of updated artifacts for mobile and computer apps and other improvements. What's new?
Evidence Center 2020 v.9.8 is out!
In v.9.8, Belkasoft added two extremely important features of iOS device acquisition: acquisition of iOS devices with checkra1n jailbreak and full file system copy of some iOS devices without jailbreak. Apart from it: decryption of TrueCrypt, VeraCrypt, PGP, massive improvements in Remote Forensics and Incident Investigation modules and many more. What's new?
Evidence Center 2020 v.9.7 is out!
MTK device acquisition, support for acquisition via MTP/PTP, iOS 13 support, analysis of Huawei and Xiaomi backups, CarPlay forensics; multiple improvements in Remote Acquisition module; revamped Connection Graph and many more. What's new?
Evidence Center 2019 v.9.6 is out!
What new features have been added?
TikTok and ShareIT support, remote artifact extraction, FileVault decryption, ElasticSearch indexing, polished Graphical Timeline and several dozens of updated artifacts for mobile and computer apps! Learn more
Belkasoft Evidence Center 2019 v.9.5 is one of the biggest updates over the last few years.
Remote forensics, incident investigations, cross-case search, Telegram X and Bitlocker decryption and many other large-scale features added to BEC with v.9.5. Learn more
Download the trial at belkasoft.com/trial
Sneak Peek of Belkasoft Evidence Center 2019 v.9.5: we are going to roll out one of the biggest updates in last few years.
Remote forensics, incident investigations, cross-case search, graphical timeline, Telegram X decryption and many more new large-scale features will be added.
A webinar on the new release will be conducted on Apr 2, 2019.
Learn more on the new features and sign up for a webinar at belkasoft.com/sneak_peek
Evidence Center 2019 v.9.4 is out!
Keyword file generation for password brute force attacks, gun detection using neural networks, Open Street Maps support, support for fitness trackers, support for Windows 10 Skype app, cloud forensics features update, a pack of new and updated computer and mobile artifacts included. What's new?
New release of Belkasoft Live RAM Capturer!
Belkasoft Live RAM Capturer is re-signed with a new certificate and is now compatible with all versions and editions of Windows including newest Window 10. Read more on Belkasoft Live RAM Capturer and download it free at belkasoft.com/ram-capturer.
Evidence Center 2019 v.9.3 is out!
Agent-based and EDL acquisition for Android devices supported, support for Elcomsoft and GrayKey iOS images added, pornography detection using ANN, Windows 10 Timeline, custom carving, massive update of cloud forensics features, and a pack of new and updated computer and mobile artifacts included. What's new?
Evidence Center 2018 v.9.2 is out!
Great news: long-awaited support for the new Apple APFS file system is added. Among other features: encrypted DMG images are supported, licensing is improved. What's new?
Evidence Center 2018 v.9.1 is out!
Many improvements in report generation, support for audio files added, usage of multiple dongles and offline license activation made simpler. A pack of new and updated computer and mobile artifacts included. What's new?
Belkasoft is GDPR-compliant.
We got nominated for prestigious Forensic 4:Cast Award! Belkasoft got into two nominations:
- Computer Forensic Software of the Year: Belkasoft Evidence Center
- Phone Forensic Software of the Year: Belkasoft Evidence Center
The voting link is https://forensic4cast.com/forensic-4cast-awards/
Vote for Belkasoft Evidence Center and let's win together!
Evidence Center 2018 v.9.0 is out!
Recycle Bin analysis supported, Mac OS system configuration analysis, NTFS compression supported, OFB mobile images mounting and analysis, deduplication supported by using PhotoDNA hashing, numerous performance and usability improvements, and a pack of new and updated computer and mobile artifacts included. What's new?
Evidence Center 2018 v.8.6 is out!
30+ clouds including Google, WhatsApp, Instagram and all popular email clouds, hiperfil.sys analysis for Windows 8 and10, bubble view for chats, WhatsApp crypt12 decryption, and a pack of new and updated computer and mobile artifacts included. What's new?
Evidence Center 2018 v.8.5 is out!
Windows 10 memory reconstruction, malware detection, crypto currencies analysis, multi-gigabyte Outlook mailboxes support, Android 7.0 acquisition, and a pack of new and updated computer and mobile apps including GetTaxi, Uber, Facebook Messenger, Evernote and more. What's new?
Evidence Center 2017 v.8.4 is out!
Among the new features: physical acquisition of rooted Android devices, iTunes 10.x.x backups support, network licenses and much more. What's new?
Belkasoft and AccessData become technology partners.
Under terms of the strategic partnership, the two companies shared technologies and implemented changes into their corresponding products to allow seamless integration between Belkasoft Evidence Center software and AccessData’s AD Lab Web UI. Read more..
Evidence Center 2017 v.8.3 is out!
Among the new features: x64 supported, predefined searches, origin paths, new handy Dashboard screen, improved Task Manager and much more. What's new?
New article "Comprehensive Forensic Chat Examination with Belkasoft" is published
New article "10 reasons to use Belkasoft Evidence Center 2017" is published
Belkasoft is happy to announce opening of its brand new Forensic Services department. Our specialists are former Police Investigators with huge experience of working on criminal cases involving all types of digital devices. With powerful Belkasoft Evidence Center at their disposal and years of successful work behind, they can help you with wide variety of services. You can get more information on the new Belkasoft offer at https://belkasoft.com/services and contact us with any services-related requests at firstname.lastname@example.org.
Are you current LACE customer? Claim your BEC discount.
All new customers of BEC will also get discount towards purchase of a new LACE license.
Evidence Center 2017 v.8.2 is out!
Among the new features: malware detection, flash cookies and IMO application supported. What's new?
Belkasoft Evidence Center and LACE integration: even more efficient handling of media files.
By using the joint solution, customers will enjoy the power of the two tools, extracting all possible pictures and videos from even hidden or tricky places from one hand, and running sophisticated analysis on big data sets from the other hand.
New article "I've been hacked" is published
Evidence Center 2017 v.8.1 is out!
Among the new features: iOS 10 analysis, LACE integration, Portuguese translation and plenty of other customer requests implemented. What's new?
Evidence Center 2017 v.8.0 is out! What's new?
Among the new features: Belkasoft Acquisition Tool, Social Graph Builder, in-depth support for Volume Shadow Copy and dozens of other features and improvements.
New revolutionary BEC 2017 v.8.0 is coming soon! What's new?
Evidence Center 2016 v.7.5 is out! What's new?
New article "SSD and eMMC Forensics 2016" is published
Evidence Center 2016 v.7.4 is out! What's new?
New article "BelkaScript: How to Get Most out of Digital Forensic Software" is published
New article "The Future of Mobile Forensics: November 2015 Follow-up" is published (this is a follow-up to our widely discussed article "The Future of Mobile Forensics").
New article published: Countering Anti-Forensic Efforts - Part 1.
New article published: NAS Forensics Explained
Evidence Center 2015 v.7.3 is out! What's new?
New article published: Future of Mobile Forensics.
Two new articles published: Acquiring Windows PCs and Capturing RAM Dumps and Imaging eMMC Storage on Windows Tablets.
Belkasoft is first to support Pagefile.sys files produced by Windows Phone 8.1!
Read how new Belkasoft Evidence Center helps to extract forensically important information out of JTAG dump of Windows Phone 8.1. Try Belkasoft Evidence Center free!
New article published: Forensic Analysis of SQLite Databases: Free Lists, Write Ahead Log, Unallocated Space and Carving.
New product: Belkasoft Social Profile Saver is released! What is inside?
Belkasoft Social Profile Saver helps to download public info, such as wall posts, private messages or photo albums, from major social networks. A free version of the tool, Belkasoft Facebook Profile Saver is updated.
Belkasoft Evidence Center helps Croatian police to solve serious crime against children.
In an official letter received from the Ministry of Interior Police Administration Bjelovarsko-Bilogorska of Croatia, Belkasoft was informed that our product, Belkasoft Evidence Center, was used by the Criminal Police Department of Bjelovar, Croatia to solve serious criminal case against children.
The tool helped the police obtain information regarding the suspect’s use of social media, instant messengers, web history data, etc. The police used data carving to extract deleted data and acquire destroyed evidence. A comprehensive report was produced and forwarded to the Public Prosecutor in Bjelovar.
Evidence Center 2014 v. 6.2 is out! The new version introduces tons of improvements and essential new functionality.