Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Software-update: WinHex 12.7

WinHex is niet alleen een universele hex-editor, maar is ook in staat om low-level dataprocessing toe te passen via een makkelijke interface. Het programma beschikt onder andere over een RAM-editor, een Data Interpreter en een Disk-editor, en kan dus worden gebruikt om verwijderde informatie terug te halen en om bestanden te inspecteren. Versie 12.7 is sinds kort beschikbaar met de volgende veranderingen:

Version 12.7:
  • Recursively explored directories are now specially flagged in the directory tree. A simple right click in the directory tree is now sufficient to explore a directory recursively (formerly: right click and context menu item).
  • Directories whose contents are either fully or partially tagged are now specially flagged in the directory tree as well. The middle mouse button can now be used in the directory tree to tag or untag directories.
  • Support for the file systems UFS and UFS2, both in big-endian and little-endian variants.
  • The Refine Volume Snapshot command now features the statistical entropy test for the detection of fully encrypted files as known from the now obsolete Create Drive Contents Table command, plus a new file format specific encryption/ password protection test for PDF documents and MS Office documents such as MS Word 4...2003, MS Excel 2...2003, MS PowerPoint 97-2003, and MS Project 98-2003.
  • The Details Panel is now integrated into a data window, more exactly into the data (or sectors) area in a data window. The benefit is that more screen space is available horizontally for the directory browser, gallery mode, preview mode, calendar mode, and the status bar.
  • Certain search operations (without GREP, in particular with several keywords, case insensitive) are now considerably faster.
  • Evidence file containers can now optionally include disk/image names as the first directory level, so that for multiple sources it is still obvious where files originate from when reviewing the containers.
  • It is now possible to mix files with UNIX-styled permissions and files with DOS/Windows-styled attributes in the same evidence file container. Both will be displayed correctly in X-Ways Forensics.
  • In volume snapshots taken by v12.7 and later, there will be a fictitiuous directory "Path unknown" instead of "Deleted Items". That's because a dedicated overview of deleted items is already available in recursive views with the dynamic filter. The only need for such a special directory is now to accomodate lost/ deleted files whose path is unknown, i.e. which are orphaned or were only discovered based on their header signatures.
  • Ability to preview disks without temporary files being written anywhere on the system. For that purpose you can set the folder for temporary files and the folder for cases to a directory on the CD from which you are running X-Ways Forensics (e.g. simply "."). X-Ways Forensics will still allow you to create the case and work with it, just won't be able to save it. Remember, you do not need to "install" X-Ways Forensics before running it.
  • The drive letter that contains the folder for image files is now officially considered a legitimate output folder in X-Ways Forensics.
  • Ability to add file slack to evidence file containers specifically. Hold the Shift key when invoking the menu command to add a file. (since 12.6 SR-1)
  • Optional faster slim volume snapshot without cluster allocation scan now available for all file systems (Safety & Security Options). Useful e.g. when previewing a live system and having temporary and snapshot files written to one's own USB stick where only USB 1.1 speed is available. (since v12.6 SR-4)
  • Ability to select an internally assembled RAID 0 as a source disk in the Disk Cloning dialog window. (since v12.6 SR-7)
  • In additional to the "reduced" user interface, there is now an optional "forensic lite" user interface, meant for investigators in law enforcement
    • who are specialized in areas e.g. such as white-collar crime, corruption, tax fraud, etc.
    • who do not need profound knowledge of computer forensics
    • who do not need technical insights that WinHex and XWF are well-known to provide as a by-product
    • who receive e.g. convenient-to-handle X-Ways evidence file containers from well-versed computer forensics examiners with only selected files from various sources (e.g. "all documents that contain the keywords x and y"), with obviously irrelevant stuff already filtered out
    • who need to review hundreds of electronic documents, identify relevant ones, add comments to them, identify logical structures and connections between them with the help of their comments, and print documents, all with a few mouse clicks within the same environment, which saves the time to extract and load each document in its associated application
    The "forensic lite" interface lacks _many_ advanced technical features on the outside, to allow for easier access to non-technical personnel. Forensic licenses that _only_ allow to use the "forensic lite" interface are available at 50% the regular rate, on request.
  • Several other minor improvements and error corrections.
Versienummer 12.7
Besturingssystemen Windows 9x, Windows NT, Windows 2000, Windows XP
Website X-Ways Software Technology
Bestandsgrootte 1,19MB
Licentietype Shareware

Door Japke Rosink



Meer historie

Reacties (1)

Wijzig sortering
Wat een fijn programma is dit toch. Bestaat al vele jaren, maar de UI is nog steeds bijna hetzelfde en niet trager geworden (zoals vaak wel het geval is), terwijl de functionaliteit wel continue uitgebreid wordt (al zijn het steeds kleine stapjes). Klein, krachtig en erg stabiel; er zijn maar weinig programma's die al zo lang mee gaan en nog steeds 'on top' zijn, echt een aanrader.

Sinds v12.x (?) is ie ook uitermate geschikt om (relatief simpel) data mee te recoveren. En goede ervaring met de support en/of feedback, X-Ways communiceert ook nog eens z'n klanten ;)

Als iemand er negatieve ervaringen mee heeft, ben ik daar wel nieuwsgierig naar ... :7

PS: Nee, ik heb geen aandelen 'WinHex', maar ben gewoon hilarisch over deze tool; hij staat ook standaard op m'n USB-stick, voor 'noodgevallen onderweg'. Niet 100% 'correct', gezien m'n single-license, maar toch ...'m eenmalig vanaf USB op een ander PC draaien moet toch kunnen :Y)

Op dit item kan niet meer gereageerd worden.

Apple iPhone XS Red Dead Redemption 2 LG W7 Google Pixel 3 XL OnePlus 6T FIFA 19 Samsung Galaxy S10 Google Pixel 3

Tweakers vormt samen met Tweakers Elect, Hardware.Info, Autotrack, Nationale Vacaturebank en Intermediair de Persgroep Online Services B.V.
Alle rechten voorbehouden © 1998 - 2018 Hosting door True