國外軟體

12月銷售軟體排行

1. MindManager 視覺化思考繪圖軟體
2. EViews 預測分析計量軟體
3. LISREL 線性結構分析軟體

4.

ATLAS.ti 定性量化分析軟體
5.

EndNote 參考書目軟體

6.

Stata 資料管理統計繪圖軟體

7. See5/C5.0  資料探勘軟體
8. HLM 階層分析軟體
9.

Expert Choice  AHP專家決策分析軟體

10. Grapher 3D科學繪圖軟體

 

 

柏際股份有限公司
TEL 02-2592-3171
FAX 02-2592-3172
info@bockytech.com.tw

Google

**提供各式軟.硬體代訂服務! **
如有未列於網站之產品需求,
請來電或來信詢問!
info@bockytech.com.tw


 

KnTTools 實體記憶體獲取工具

KnTTools 基本版,包括KnTDD。KnTDD是從選擇 Microsoft Windows 作業系統的實體記憶體證據的採集下一代工具。KnTDD原理的功能包括:
從運行選擇 Microsoft Windows 作業系統,包括 Windows Vista 系統的實體記憶體 (主機電腦記憶體) 證據的採集。
採集到可移動的 USB 或 firewire 磁碟機基於目標磁碟機的標籤。
採集到網路有或沒有頻寬限制。
加密完整性檢查和稽核記錄。
輸出壓縮使用各種格式。
轉換為微軟崩潰轉儲格式二進位記憶"形象"。
某些系統狀態資訊,包括活動的進程載入的模組和聽力終結點使用使用者模式 api (用於交叉-查看檢測演算法中的以後使用) 的收購。
KnTList集成的分析和交叉-查看檢測。

KnTTools 企業版基本版的功能為基礎,添加支援的分散式運算環境中選擇 Microsoft Windows 作業系統的實體記憶體證據採集或包含敏感內容,包括:
支援 AMD x 64 版本的 Microsoft Windows。
批量輸出使用 X 509/pkcs # #7 證書,包括使用makecert.exe創建的證書的加密.
在 SSL (TLS 1.0) 隧道的證據採集。
證據採集到 WebDAV 啟用 web 伺服器。
作為系統服務運行(KnTDDSvc的遠端部署版本).
Web 服務器或推包出去到遠端Admin$共用的"可疑"的電腦上啟用遠端部署模組 (KnTDeploy) 就是能夠把拉和部署加密的證據收集從 SSL"包"。

What is KnTTools Basic Edition?
The KnTTools Basic Edition includes KnTDD. KnTDD is a next generation tool for the acquisition of physical memory evidence from select Microsoft Windows operating systems. KnTDD's principle features include:
  Acquisition of physical memory (main computer memory) evidence from systems running select Microsoft Windows operating systems, including Windows Vista.
  Acquisition to a removable USB or firewire drive based on the volume label of the destination drive.
  Acquisition to the network with or without bandwidth throttling.
  Cryptographic integrity checks and audit logging.
  Output compression using a variety of formats.
  Conversion of binary memory "image" to Microsoft crash dump format.
  Acquisition of certain system state information including active processes, loaded modules and listening endpoints using user mode api's (for later use in cross-view detection algorithms).
 
Integration with KnTList for analysis and cross-view detection.


What is KnTTools Enterprise Edition?
The KnTTools Enterprise Edition builds on the features of the Basic Edition and adds support for the acquisition of physical memory evidence from select Microsoft Windows operating systems in a distributed computing environment or that contains sensitive content, including:
  Support for the AMD x64 versions of Microsoft Windows.
  Bulk encryption of output using X509/PKCS#7 certificates, including certificates created using makecert.exe.
  Evidence acquisition over a SSL (TLS 1.0) tunnel.
  Evidence acquisition to a WebDAV-enabled web server.
  A remotely deployable version that runs as a system service (KnTDDSvc).
  A remote deployment module (KnTDeploy) that is able to pull and deploy encrypted evidence collection "packages" from a SSL enabled web server or push the packages out to a remote Admin$ share on the "suspect" machine.
 


What is KnTList?
KnTList is a command line tool for the analysis and extraction of evidence from physical memory that was acquired from select Microsoft Windows operating systems using the KnTTools. KnTList analyzes main computer memory by reconstructing the principle operating system-defined metadata elements that structure the memory, including the virtual address space of the system and other processes. KnTList output is produced in both text and XML format. XML output is designed to permit the independent development of secondary analysis based upon an open format. The XML schema that is used by KnTList included with the distribution.

The approach taken by KnTList is intended to complement the approach developed by Andreas Schuster which scans physical memory for specific byte-patterns that identify important metadata elements. http://www.dfrws.org/2006/proceedings/2-Schuster.pdf. KnTList supports Andreas Schusters PTFinder XML output format for use with a cross-view detection algorithm. http://computer.forensikblog.de/2006/09/ptfinder_0_3_00.html. Please consult the 2005 DFRWS memory challenge for examples of KnTLists capabilities as of two years ago.


National language support.
KnTTools and KnTList are national language aware but are not fully localized. Error messages or prompts that are generated by the operating system will appear in the current users default language. Output specifically generated by KnTTools or KnTList will be in American English. KnTTools and KnTList are Unicode applications and are designed to run on localized versions of Microsoft Windows, including Asian versions.
 


Availability?
The KnTTools and KnTList are currently available to the military, civilian law enforcement and other civilian governmental agencies, and higher educational institutions. The KnTTools and KnTList are available on a case-by-case basis to private security professionals and corporations.

 


The KnTTools and KnTList are exclusively distributed by GMG Systems, Inc. Bundling of the KnTTools and/or KnTList with a third party software package is not being contemplated at this time.

 

請填寫您的資料以便寄送產品相關訊息:

公司: 部門:
姓名: 職稱:
電話: EMAIL:

請選取您要的產品訊息:

KnTTools  軟體資料
KnTTools  軟體報價
如有其他需要請填寫在底下表格內

確定送出資料  重填