首页
社区
课程
招聘
[转帖]X-Ways Forensics 19.1 Beta 1
发表于: 2017-1-12 08:35 7891

[转帖]X-Ways Forensics 19.1 Beta 1

2017-1-12 08:35
7891
X-Ways Forensics 19.1 Beta 1
A preview version of the dongle-based edition of X-Ways Forensics 19.1 is now available. The download link can be retrieved as always by querying one's license status.
NEW: If when querying your licenses you do not receive any e-mail message at your work address because your organization has the sending server blacklisted, you now have the option (here) to get the e-mails sent from an alternative server (different domain, different IP address), for a 2nd chance to actually receive something.
What's new in v19.1 Preview 1?
* Support for Google's Chrome sync database, where information can be found that is synchronized across devices, such as bookmarks, form history, typed URLs, synced devices and much more. A preview HTML file is generated, and events are output to the event list.
* The type status "mismatch detected" now has an effect on the assumed relevance of a file.
* The relevance of a file now more reliably takes into account whether or not a picture is a screenshot.
* Directory icons for evidence objects that are directories, in the Case Data window, so that they can be distinguished from volumes.
* Under Windows Vista and later, attachments are now conveniently linked from the alternative e-mail representation in Preview mode.
* Option to print selected fields on the cover page in bold letters and in a different color, to point the attention of the reader to a certain aspect.
* TAR archive processing revised.
* New case conversion option for textual data in UTF-16 (Edit menu).
* Some minor improvements.
* Same fix level as v19.0 SR-4.

SR-11:
* Newly identified 3GP files were erroneously assigned to the category "Other/unknown type" by the file type verification in v19.0 SR-1 and later. That does no longer happen now.
* X-Tension API: Two new kinds of evidence object IDs can now be retrieved with the XWF_GetEvObjProp function (nPropType 3 and 4).
* Full filename matches in the Type filter did not count if the type status was "newly identified". That was fixed. In v18.8 and later, full filename matches should have been ignored only if the type status was "mismatch detected".
* Fixed inability of v19.0 to copy certain files along with the case report under certain circumstances if the type status was "newly identified".

Beta 1:
* Event extraction from Apple FSEvent logs.
* Improved stability while processing EDB databases. Users of v18.8, v18.9, and v19.0 may replace their copy of the file EDBex.dat with the new version that at first is tentatively included in v19.1 Preview 8 only.
* New options when importing or creating hash sets in the ordinary hash databases and the block hash database. Duplicate hash values that are already contained in the hash database can either be removed from the newly created or newly imported hash set or from all existing hash sets, to keep the hash database more compact/less redundant.
* The Full path column now comes with a filter.
* Internal metadata is now extracted into the Metadata column only from files of selected categories.
* "Display SHA-1 & TTH192 in Base32" is now a Notation option.
* Several minor improvements.
* Same fix level as v19.0 SR-11.

[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 1
支持
分享
最新回复 (27)
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
2
WinHex v19.0 SR-6 x86 专家版(Specialist)
_http://www.52pojie.cn/thread-572487-1-1.html
2017-1-12 08:43
0
雪    币: 560
活跃值: (939)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
Forensics 找不到能用的版本啊,网上的注册机注册完都不是全功能版的
2017-1-12 14:57
0
雪    币: 35664
活跃值: (7155)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
4
其实高级版本对一般人无用
2017-1-12 19:14
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
5
2017-1-12 21:32
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
6
WinHex v19.0 SR-6 x86 x64 专家版(Specialist)
_http://www.52pojie.cn/thread-573126-1-1.html
2017-1-12 21:35
0
雪    币: 35664
活跃值: (7155)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
7
老大能不能转点X64DBG 哪怕是英文的破解教程来?
这个天国真的找不到啊。
2017-1-12 21:46
0
雪    币: 1262
活跃值: (607)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
8
X64DBG 很容易就下载到了。还用转?
全中文的还不会用。I  服了  YOU!
http://101.96.8.141/jaist.dl.sourceforge.net/project/x64dbg/snapshots/snapshot_2017-01-02_20-51.zip
2017-1-12 21:56
0
雪    币: 35664
活跃值: (7155)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
9
扯淡,是否为中文的不重要,关键是逆向分析的文章这个调试器真的不多的。
2017-1-12 23:05
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
10
_http://bbs.pediy.com/showthread.php?t=215212
2017-1-13 08:52
0
雪    币: 35664
活跃值: (7155)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
11
还是老大的这个够口,够劲!赞~~
2017-1-13 09:42
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
12
X-Ways WinHex 19.0 SR-6 x64 Multilingual
_https://pan.baidu.com/s/1eSfykpG
2017-1-13 16:42
0
雪    币: 210
活跃值: (25)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
13
谢谢老大!链接没效了!
2017-1-13 16:59
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
14
太快了
_https://page88.ctfile.com/fs/U3E167320405
_http://uploaded.net/file/4aj1h5fi/WinHex.19.0.rar
_https://nitroflare.com/view/E4C814909B66633/WinHex.19.0.rar
2017-1-13 17:07
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
15
WinHex 19.0 SR-6 for Windows
_http://www.softpedia.com/get/Programming/File-Editors/WinHex.shtml#download
2017-1-13 20:46
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
16
WinHex 19.0 for Windows
上传的附件:
2017-1-15 15:01
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
17
Jan 12, 2017
X-Ways Forensics 19.1 Beta 2:
* Extended attributes in HFS+ are now optionally included in the volume snapshot as child objects of the files or directories to which they belong (in X-Ways Forensics only) depending on a new 3-state volume snapshot option. If fully checked, extended attributes are presented as child objects even when they have been specially interpreted already by X-Ways Forensics internally. If half checked (default setting in X-Ways Forensics), they are presented as child objects only if their are not specially interpreted by X-Ways Forensics assuming that the user might want to check them out manually.
* Ability to open files with resident/inline storage in HFS+.
* Ability to recognize and open compressed files in HFS+.
* HTML previews are now generated during metadata extraction for the GZ archives that contain Apple FSEvent logs.
* French translation of the user interface updated. (The translation probably has some mistakes.)
* Check boxes with long text labels in language that get truncated because of the limited space available now automatically come with tooltips that reveal the complete text when hovering the mouse cursor over the control.
* Sender and recipients are now also shown for MSG files to which e-mail processing was applied, not only for the extracted .eml file.
* In Edit | Define Block it is now optionally possible to enter the size of the block instead of its end offset. And it is now possible to enter the start and end of a block in terms of sector numbers instead of offsets directly.
* The Navigation | Go To menu commands are now available in File mode.
* Some more dialog windows are now slightly more clearly structured.
* Several minor improvements.
* Same fix level as v19.0 SR-12.
2017-1-15 15:31
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
18
WinHex 19.1 for Windows
Posted on Thursday, Jan 19, 2017 - 8:08:
v19.1 has just been released. Additional changes:
* A new 3-state check box in General Options prevents Windows screensavers from starting and potentially requiring to re-enter the current user's password, either only during operations that show a progress indicator window (if half checked) or generally while the program is running (if fully checked). This option has an effect no matter whether the main window is visible or whether the program is running in the background. Useful for example when acquiring a live system of which you don't want to lose control during imaging, or if you wish to keep an eye on the progress indicator on your own machine from another corner in your office.
* Options | Security | "Collect information for crash report" is now a 3-state check box. If fully checked, should volume snapshot refinement crash the program, restarting the program will also point out which suboperation exactly was applied to the problematic file(s) when the program crashed. It has not been tested whether this enhanced granularity of logging might cause any noticeable slowdown. There may be multiple candidates for the problematic file that triggered the instability if multiple worker threads were active at the time of a crash. Unlike in v19.0, all of them are now logged, and they are now presented with the help of the Int. ID filter upon restart.
* Fixed inability to process bz2 archives.
* User manual and program help updated for v19.1.

_http://www.softpedia.com/get/Programming/File-Editors/WinHex.shtml#download
2017-1-19 18:53
0
雪    币: 5567
活跃值: (2749)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
19
原来就是WinHex啊
2017-1-21 23:39
0
雪    币: 202
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
20
烦请大侠提供注册码
2017-1-23 10:52
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
21
WinHex v19.1 x86 x64 专家版(Specialist)
_http://www.52pojie.cn/thread-576358-1-1.html
2017-1-25 07:11
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
22
Posted on Thursday, Jan 26, 2017 - 18:16:          
SR-1:
* Some commands in the directory browser context menu in v19.1 did not always appear as they should have appeared. That was fixed.
* An exception error that could occur in v19.1 when hashing files should no longer occur now.
* The JPEG quality detection now also works for rotated JPEGs.
* Some minor improvements.

_http://www.softpedia.com/get/Programming/File-Editors/WinHex.shtml#download
2017-1-27 14:44
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
23
本地備檔.
上传的附件:
2017-1-27 14:49
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
24
X-Ways WinHex 19.1 SR-1 x86/x64 Multilingual
_http://www.0daydown.com/01/44082.html

Download 城通网盘
19.1:_https://page88.ctfile.com/fs/Pge169107174
19.0:_https://page88.ctfile.com/fs/U3E167320405

Download 百度云
19.1:_http://pan.baidu.com/s/1c1RVQLi 密码: kgng
19.0:_http://pan.baidu.com/s/1eSfykpG
2017-1-30 23:39
0
雪    币: 97697
活跃值: (200799)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
25
Posted on Monday, Jan 30, 2017 - 6:38:          
SR-2:

* Computing hash values and matching them against hash databases was not done repeatedly in the original v19.1 release. Now it is done repeatedly again, and that operation is now officially documented as one of the operations that will be applied repeatedly to the same files in a volume snapshot, the only other exception being indexing.
* Many descriptions for registry events were not output to the event list. That was changed. This improvement will also be applied to v19.0 SR-13.
* Some minor improvements and fixes.
2017-2-1 11:47
0
游客
登录 | 注册 方可回帖
返回
//