Belkasoft Evidence Center 2019 v.9.4 (or, in short, BEC)
is an all-on-one forensic solution, combining computer,
RAM, mobile and cloud forensics in a single tool. Given its affordable price,
it is one of the best choices among other available products on the market.
Version 9.4 of BEC 2019 is a major new release
with a pack of new features including
- Case-specific keyword file generation for password brute force
attacks
- Gun detection in pictures and video keyframes using ANN (artificial
neural networks)
- Open Street Maps support for geolocation points
- Updated Team Edition version of BEC
- Updated integration with Passware Kit Forensic
- Support for Windows 10 Skype app
- Support for fitness trackers
- Cloud forensics features update
- As usual, a pack of new and updated computer and mobile apps
are supported
- Belkasoft is also offering
official training and
BelkaCE certification. Two courses are available: Belkasoft
Essentials and Belkasoft Advanced, both are 2 days long. Available
onsite locations for 2018: USA and Europe.
Sign up for a webinar on BEC
v.9.4!
Upgrading to version 9.4 is free to all customers with a non-expired Extended
Software Maintenance and Support contract. Customers without a
current contract can purchase it from the Customer
Portal. An affordable
User Refresher
Course is also available for those who would like to catch up on all recent
improvements. Training with
optional certification is available.
New features in detail
Keyword file generation
When looking for a password to decrypt some important data, there is a
high probability that the password (or its part) is somehow stored on a
user's computer. Even if not, the password could have been based on
something specific what the user was chatting about, looking in the internet
or reading in documents. Thus, one of viable approaches to password recovery
is to create a dictionary of all terms somehow related to the user.
Belkasoft Evidence Center is now able to go through all text fields of all
artifacts gathered from user's devices with the goal to generate
user-specific keyword file. Decryption tools such as of Passware can then take such file in order to use the terms inside as an
exact password or as a base for mutations.
This feature is particularly useful when the full brute force is
impossible due to the strong encryption.
Gun detection in pictures and video keyframes using ANN
Following the success of the previously released pornography detection
feature, Belkasoft continued the extension of its artificial neural
network-based picture analysis. In this release we added the possibility to
automatically detect guns inside pictures and video keyframes. As with the
pornography detection, this feature requires a GPU card with CUDA support from the following list.
We will expand the use of ANN in next releases to include many more other
types of pictures. Stay tuned!
Updated Team Edition version of BEC
The Team Edition is the multi-user configuration of Evidence Center. In
Team Edition, you can store case data on a central server and access your
cases remotely from the same local network. You can work on the same case
with another user simultaneously. The right management allows to specify if
other users can access your case read-write, read-only or no access.
Are you interested in more details on Team Edition features and how to
upgrade your single-user system to Team Edition? Contact us at
support@belkasoft.com
Support for fitness trackers
Fitness tracker devices become more and more popular. Even the CEO of
Belkasoft is using a Fitbit device each day! These devices may store a lot
of information of a user, such as their GPS tracks, heartbeat history,
physical activities (walk, run, swim, etc), amount of calories burnt and so
on. There are already a number of cases published, where a fitness tracker
analysis was an important part of an investigation.
In v.9.4 of BEC we have supported two most popular devices: Fitbit and Mi
Fit.
Analysis
- Skype for Windows 10 supported [Windows]
- Chrome passwords extraction supported [Android]
- YapChat supported [Android] [iOS]
- Cache data extraction supported for Chrome, Maxthon, Dolphin and UC
Browser browser [iOS]
- New version of Telegram supported [Android] [iOS]
- Frequent locations supported [iOS]
- Opera supported [Android]
- ICQ support updated [Android]
- Skype support updated [Android] [iOS]
- Form values/Passwords/Cache extracted for Chrome [macOS]
User Interface
- Artifact list: column reordering supported
- Contact list can be filtered in Connection Graph
- Picture loading in Gallery View improved
- Picture preview is shown on a dedicated tab of a properties panel
(useful when working with Pictures list view which does not have a
preview column)
- Call/SMS are properly displayed for the chosen edge on the
Connection Graph
Cloud forensics update
- Import of messages downloaded from Gmail Cloud into BEC improved
- Incorrect mailbox structure of downloaded Gmail Google cloud data fixed
- Documents, videos downloaded from Google Drive properly imported and
analyzed in BEC
- Incorrect import of geolocation data downloaded from Google Timeline
fixed
New and updated artifacts
- iOS
- Apple mail
- Brosix
- IMO
- Dolphin
- Live Me
- NextPlus
- LINE
- Kakao Talk
- Vipole
- WhatsApp
- Voicemails
- Yahoo mail
- Ebuddy XMS
- Growlr
- Kik
- MeetMe
- Android
- Gmail mailbox
- Dolphin
- MeetMe
- Mail.ru
- Xabber
- Calls
- IMO
- WhatsApp
- Growlr
- Maxthon
- Edge browser
- Windows
Other improvements
- Interlocutors extraction for Viber improved [Android] [iOS] [Windows]
- Analysis performance of iOS images and Android AB backups
significantly improved
- Live RAM Capturer now supports all versions of Windows including
newest updates for Windows 10
- Missed search in BER fixed
- Forgery report in Portable version fixed
- Memory consumption during data analysis optimized and reduced
- URLs extracted from SQLite unallocated for UC browser [iOS]
- Facebook support updated [Android]
- Attachments extraction supported for Notes app [iOS]
- Decryption window fixed for browser data for Qihoo/Yandex/QQ browsers
[Windows]
- Geodata extracted from Heytell [iOS]
About 200 smaller improvements and bugfixes are made.