OSForensics

OSForensics by PassMark is a Swiss Army Knife of security tools for Windows that every system administrator should have.

The product comes in a free and a paid version, but the former should actually serve the purposes of most sysadmins. Those in the business of network security or computer crime investigation may want to look into the paid version.

The toolkit runs on Windows but is still useful for Unix system administrators who have to deal with Windows based clients and Windows client created content.

My personal introduction to the product came when I had to crack the password on a Microsoft Excel 2010 spreadsheet left behind by a former employee. It took awhile for my feeble brain to get the hang it, but in the end I was able to get into the document: using the “Random Passwords_3char” library. Sad. Very sad.

Anyway, get this software. In addition to password cracking it includes an impressive array of utilities for examining digital signatures, databases, memory locations and file systems. Learning to use all these features wouldn’t be a bad way to get an education in computer forensics itself.