Forensicswiki.org has moved to this site, forensicswiki.xyz. For information, please join the Google Group forensicswiki-reborn

Elcomsoft Premium Forensic Bundle

From Forensics Wiki
Jump to navigation Jump to search
Elcomsoft Premium Forensic Bundle
Maintainer: Elcomsoft
OS: Windows,MacOS
Genre: Analysis
License: Commercial
Website: https://www.elcomsoft.com/epfb.html
Elcomsoft Premium Forensic Bundle

Elcomsoft Premium Forensic Bundle (EPFB) is a pack of every forensic tool by Elcomsoft. EPFB allows extracting data from mobile devices, unlocking documents, decrypting archives, breaking into encrypted containers, viewing and analyzing evidence.

  • The complete set of tools for desktop and mobile forensics
  • Hardware-accelerated password recovery on up to 10,000 computers
  • Includes all relevant tools for decrypting data, extracting and analyzing mobile devices
  • Tools for logical, physical and over-the-air acquisition of mobile devices
  • Extract data and user passwords from Apple, Microsoft and Google cloud services
  • Access to deleted evidence and forensically sound extraction

Supports: all versions of Microsoft Office, OpenOffice, Encrypted File System, Windows and macOS passwords, macOS Keychain, ZIP/RAR/RAR5, PDF, BitLocker, PGP, TrueCrypt, VeraCrypt and many more. Instantly extracts passwords from instant messengers, email clients, Web browsers and many other products. Physical, logical and over-the-air acquisition of all generations of iOS devices.

Patented Technologies

Elcomsoft pioneered many software innovations that have made it easier to break a wide range of passwords. We were the first to refactor 56-bit encryption in Microsoft Office products. We patented GPU-accelerated password recovery, revolutionizing the speed of password recovery without requiring expensive hardware. We were the first to extract iOS backups from Apple iCloud, and the first to mix AMD and NVIDIA video cards for even faster attacks.

Elcomsoft Premium Forensic Bundle allows forensic and law enforcement officials to gain access to various password-protected documents. The password recovery suite features the latest and most advanced cryptanalysis algorithms developed by ElcomSoft Research department. The mobile forensic tools included in the pack enable access to critical evidence stored in physical devices, local backups and cloud services. We continue to deliver cutting-edge technologies in password recovery, mobile and cloud forensics.

The GPU acceleration is patented (U.S. Pat. No. 7,787,629 and 7,929,707) and unique to ElcomSoft password recovery products, making password recovery up to 250 times faster compared to traditional methods relying on the use of the computer’s main CPU.

The Fastest Password Recovery

Elcomsoft Premium Forensic Bundle is capable of instantly recovering passwords for a wide range of business and office applications, text processors, spreadsheets, database management programs, office suites, email clients, instant messengers, etc. Over a hundred different file formats and types of password encryption methods can be recovered instantly.

Break passwords to more than 500 types of data

Our password recovery tools support documents created by most popular Office suites from the oldest to the latest versions. We support all popular crypto containers, encrypted compressed archives, system disk and file system encryption, and many other types of passwords. Our tools exploit every known vulnerability to unlock documents instantly or near instantly, while employing smart attacks and high-end hardware acceleration techniques to quickly recover strong passwords.

Heterogeneous GPU acceleration with multiple different video cards per computer

Today's PC motherboards support multiple video cards. Thanks to ElcomSoft's proprietary heterogeneous computing, our tools support a mix of up to 32 video cards even if they are of different makes and models, allowing for even faster password recovery applications for a modest increase in hardware costs. The tool allows mixing NVIDIA and AMD boards of different generations in a single PC.

20 to 250 times faster attacks with hardware acceleration

Our tools utilize dedicated high-performance cores found in today's video cards such as those manufactured by NVIDIA and AMD to offload parts of computational-intensive calculations onto the highly scalable video cards. Featuring several hundred GPU cores, a single video card can deliver the speed far exceeding the metrics of a high-end CPU. Our thoroughly optimized algorithms enable reaching recovery rates that are up to 250 times faster compared to CPU-only benchmarks.

Linear scalability on up to 10,000 computers

ElcomSoft password recovery tools have zero overhead. By doubling the number of PCs working on a password, you cut the time required to recover a password by half. By only transferring the bare minimum of information over the network, our tools enable massively parallel operation, and scale linearly to as many as 10,000 workstations and cloud instances with no scalability overhead. Distributed attacks scale over the LAN, Internet, or both. Minimum bandwidth requirements ensure no scalability overhead even for the slowest connections.

Cloud computing

Quickly add computing power on demand by utilizing Amazon’s GPU-accelerated EC2 Compute Units or Microsoft Azure instances. Depending on performance requirements and budget constraints, cloud instances can quickly scale to speed up the job, and can be scaled back when not in use. Password recovery running in an Amazon cloud is a perfect solution when additional computational power is needed without the need to invest into building permanent infrastructure in-house. Get as much speed as you need the moment you need!

Remote deployment and console management

The convenient management console allows controlling Elcomsoft Distributed Password Recovery from any networked PC.

Comprehensive Mobile Forensic Solution

Elcomsoft Premium Forensic Bundle includes the most essential tools for acquiring and analyzing evidence from a wide range of mobile platforms.

Physical and logical acquisition of iOS devices

Extract evidence from Apple iOS devices with or without a jailbreak. Low-level extraction and keychain acquisition on jailbroken devices, advanced logical for devices without a jailbreak. The use of lockdown records enables extracting evidence from locked iOS devices without a passcode.

Break passwords to iOS system backups

Brute-force passwords protecting encrypted iOS backups with a high-end tool. GPU acceleration helps achieve unprecedented performance, while access to users' stored passwords enables targeted attacks with custom dictionaries.

Obtain iCloud backups, download photos and synced data, access iCloud passwords

ElcomSoft provides the most comprehensive iCloud acquisition solution on the market, enabling forensic access to evidence stored in the cloud with and without the Apple ID password. Access cloud backups, call logs, messages, passwords, contacts, iCloud Photo Library, iCloud files and a lot more.

Google forensics

Extract and analyze user’s detailed location history, search queries, Chrome passwords and browsing history, Gmail messages, contacts, photos, and a lot more.

Windows and Mac editions

Most tools comprising the Bundle are provided in both Windows and Mac editions.

View and analyze evidence

Use the lightweight tool to browse, search and analyze evidence. Discover deleted messages (including deleted SMS and iMessages in iOS backups), view passwords stored in the user's Google Account and iOS keychain.

Access Instant Messengers' conversations

Extract, decrypt and view WhatsApp, Telegram, Skype, Signal and iMessage communication histories from a wide range of devices and cloud services.