Computer Forensics Tools
Basic Tools Used for PC Computer Forensics

Learn what digital computer forensics tools are used by professional pc computer forensic experts to find evidence on the cpu's of criminals!

The world of computer crime is a complex mess of corruption.

To clean this up, there are a variety of computer forensics tools available for the investigator to use.

You can't become a computer forensics investigator overnight.

You have to go through intensive training and certification to be ready for the job.

The digital age is an ever-evolving world of mass media and technological advancements, and for investigators to have any chance to do their jobs successfully, they need to be trained to stay on the cutting edge.

Part of their training involves learning special techniques to aid them in their investigations. They are also introduced to a variety of software programs that can assist them in their duties.

Computer Forensics Tools: Techniques Used

Computer forensics involves the identification, recovery, and analysis of intricate streams of data. This requires more than a healthy mind--it takes the help of some serious investigative techniques.

Cross Drive Examination

This refers to the process of examining multiple hard drives at the same time in an effort to recognize any anomalies or irregularities. This is a growing science, and there's still much to learn about the process, but it has already proven itself invaluable to the investigation of computer-related crime.

Live Study

Instead of merely duplicating data and then investigating it for anomalies and irregularities, live study involves the examination of a computer's inner workings from within its actual operating system.

Deleted Data

This technique is one of the most often used in the world of computer forensics. It refers to the practice of retrieving files and programs that have been previously deleted from a computer's hard drive. Many times, this is the way in which the most important evidence is gathered and analyzed.

There are countless other techniques that computer forensics investigators use to aid them in their jobs, but these three give you an idea of how complex the systems of detection are for these digital enforcers. It takes a good deal of education and training--not to mention hard work and passion--for you to become a successful investigator in this field.

But it's very much within your grasp!

Computer Forensics Basics: Software

Criminals who use computers and other digital media to aid them in their crimes use a bevy of software programs to help them with their illegal work. So it goes without saying that the men and women whose job it is to prevent that illegal work from happening use a good deal of their own programs.

The best computer forensics software is incredibly pricey.

This means that while private consulting firms may have the funds to own the top-of-the-line goods, other public organizations may have to go for something cheaper.

But that's not necessarily a bad thing. There are actually quite a few great computer forensics programs out there that are completely free to own.

To give you an idea of what you may expect to work with if you want to become a computer forensics specialist, here's a look at a few of the more popular software tools used:

  • EnCase - This is a first-rate program that allows you to image, process, and investigate a cloned computer or PDA.


  • Sleuth Kit - This is a collection of tools and utilities (Unix-based, for the most part) that you can use to analyze forensic data on computers.


  • FIRE - The Forensic and Incident Response Environment program is a bootable CD-ROM you can carry with you that creates an immediate environment for forensic analysis within the computer you are investigating.

Return from Computer Forensics Tools to Computer Forensics Degree

Return from Computer Forensics Degree to Criminology Degree