Home |  Products  |  Downloads  |  Forensic Forum  |  Support  |  FAQ  |  Contact Us

 
 

NetAnalysis Screenshots


The following images are a selection of screen shots showing NetAnalysis in action.  Click on the thumbnail to see the full sized screen.

 

 

Normal Analysis Window

 

This window shows NetAnalysis with the data already added.  The URL View window at the top of the screen is activated (this can be switched on and off by the examiner).  This allows the forensic examiner to view long URL records with ease.  This screen also shows a number of bold records.  This indicates that the records have been tagged by the examiner. 

 

Some records have the bookmark visible icon prior to the URL.  This indicates that the record has been bookmarked with a comment.  When the Advanced Report is run, the comments/bookmarks added by the forensic examiner will be shown.

 

Click on the image to enlarge 

 

 

 

Normal Analysis Window with Additional Analytical Views


This is the main NetAnalysis window with the Host List window visible.  The Host List window outlines the domains visited by the user.  Selecting a domain in the left hand pain with filter the records in the main window.

 

Click on the image to enlarge 

 

 

 

Cookie Analysis Window


This window shows the Cookie Viewer activated, with the examiner selecting a cookie record in the main grid.  If the cookie records are exported from your main forensic tool, along with the index files, NetAnalysis will be able to show the content of those files as well.

 

Click on the image to enlarge 

 

 

 

Reporting Window


NetAnalysis has a number of powerful, built-in reports.  This window shows the Advanced report with a breakdown of all the appropriate fields you would need.

 

Click on the image to enlarge 
 

 

 

HstEx v2 - History Extractor


NetAnalysis comes with its own separate tool for extracting deleted data.  Regardless of which product you use, HstEx means that you have access to the deleted data as well.  HstEx can extract data from traditional DD images, binary export files, swap files etc.

 

Version 3 of HstEx will be shortly available.  This new version can extract directly from many of the standard image files available such as:  Expert Witness compressed format as used by Encase, segmented DD images, Access Data FTK imager files and Smart images.

 

This window shows HstEx v2 running against a single 2.44 TB DD image.

 

Click on the image to enlarge 

  

   

Copyright© 2002-2009 Digital Detective Group Ltd