About OSForensics
OSForensics is a computer forensics software from PassMark Software that helps find and extract hidden forensic material on computers with reliability and ease. It combines training resources, user-friendly tools, and the latest events in forensic investigations so users can effectively analyze digital evidence. This solution supports a wide array of functionalities, making it suitable for law enforcement, corporate security, and IT professionals. OSForensics allows users to search for and recover files, analyze system logs, and perform memory analysis. Key capabilities: evidence collection file recovery system log analysis memory analysis training resources Best for: digital forensic investigators or professionals that need to conduct comprehensive investigations on computers.
OSForensics is a comprehensive and highly capable digital forensics toolset designed for investigators, law enforcement, cybersecurity professionals, and incident response teams who need to collect, analyze, and preserve digital evidence across a wide range of devices and formats. What sets OSForensics apart is its deep functionality and wide feature set, allowing users to perform everything from advanced file and email searches to forensic imaging, memory analysis, deleted file recovery, and timeline reconstruction—all within a single application. It offers rapid file indexing and searching, making it easy to sift through vast volumes of data and uncover hidden or suspicious files. With the ability to search inside documents, images (thanks to built-in OCR), email databases, and even deleted or partially overwritten data, the software gives investigators full visibility into user activity. OSForensics also provides tools for examining browser history, system artifacts like USB device usage, registry changes, and network share access. The built-in hash comparison tools (MD5, SHA-1, SHA-256) help verify data integrity and identify known malicious or unauthorized files.
Pros & Cons
- +Offers a wide range of forensic tools in one cohesive platform.
- +Excellent deleted file and hidden partition recovery.
- +Strong support for file, email, and memory analysis.
- +Suitable for both lab and field investigations via bootable/portable options.
- +Effective case management and audit tracking for legal use.
- −Interface is functionally rich but not modern in design.
- −Lacks native cross-platform support for Linux/macOS investigators.
- −Requires a learning curve for advanced analysis tools.
- −Performance can slow with extremely large datasets.
Features
Key features
- High-Speed File Search & Indexing – Quickly search files, emails, and data on live systems or disk images using advanced indexing.
- Deleted File Recovery – Recover files that have been deleted, including those from unallocated disk space.
- User Activity Monitoring – Extract user actions like recent website visits, USB usage, and opened files.
- Password & Credential Extraction – Recover browser passwords, network keys, and stored credentials.
- Case Management System – Organize findings, generate reports, and maintain a structured investigation workflow.
- Hidden Disk Area Detection – Identify and access hidden disk sectors like HPA/DCO and Volume Shadow Copies.
Additional features
- Email Archive Search & Analysis – Search within PST, MBOX, and other formats to recover and review email evidence.
- File Signature & Hash Analysis – Create hash sets (MD5, SHA1, SHA256) and compare files for integrity or duplication.
- Timeline Construction – Build visual timelines showing file creation, modification, and user activity.
- Web & Download History Extraction – Extract history from popular browsers and identify suspicious download behavior.
- USB Device History Review – Identify USB and external devices previously connected to the system.
- Misnamed File Detection – Detect files with extensions that don't match their actual content to uncover disguised files.
- Registry & System Info Viewers – Analyze registry hives, installed software, services, and system components.
- Live RAM Analysis – View currently running processes, network activity, and hidden threats in memory.
- Plist, SQLite, & ESEDB Parsing – Review structured data in application databases and logs across Windows/macOS systems.
- Custom Hash Set Import – Import known file hash sets to compare against suspect systems (e.g., NSRL).
Pricing
Annual plans
Osforensics
USD 899
≈ USD 74.92/mo when billed annually
≈USD 74.92/mo when billed annually
Countries & Languages
Interface languages
Billing currencies
No reviews yet
Be the first to drop a review
Alternatives to OSForensics
Quick View Plus
Quick View Plus is a document viewing software from Avantstar that helps users access various…
eDiscovery Assistant
EDiscovery Assistant is a legal software platform from Minerva that facilitates electronic discovery processes. It…
WebPreserver
WebPreserver is a web archiving software from PageFreezer that captures and stores web pages for…
TunnelVision
TunnelVision is a data visualization software from DXTunnel that provides tools for understanding complex datasets.…
About OSForensics
OSForensics is a computer forensics software from PassMark Software that helps find and extract hidden forensic material on computers with reliability and ease. It combines training resources, user-friendly tools, and the latest events in forensic investigations so users can effectively analyze digital evidence. This solution supports a wide array of functionalities, making it suitable for law enforcement, corporate security, and IT professionals. OSForensics allows users to search for and recover files, analyze system logs, and perform memory analysis. Key capabilities: evidence collection file recovery system log analysis memory analysis training resources Best for: digital forensic investigators or professionals that need to conduct comprehensive investigations on computers.
OSForensics Details
OSForensics's In-App Market Place
Does OSForensics have an in-app market place?
Yes
How many Mini-Apps in the marketplace?
1
Mini Apps
N/A
Pricing Options
Plans
Annual plans
Osforensics
USD 899
≈ USD 74.92/mo when billed annually
≈USD 74.92/mo when billed annually
Accepted Payment Currencies
USD ($), EUR (€), GBP (£), AUD (A$), CAD (C$), JPY (¥), CNY (¥), INR (₹), RUB (₽), BRL (R$), MXN (Mex$), KRW (₩), ZAR (R), CHF (CHF), ARS ($)
Pros & Cons
- Offers a wide range of forensic tools in one cohesive platform.
- Excellent deleted file and hidden partition recovery.
- Strong support for file, email, and memory analysis.
- Suitable for both lab and field investigations via bootable/portable options.
- Effective case management and audit tracking for legal use.
- Interface is functionally rich but not modern in design.
- Lacks native cross-platform support for Linux/macOS investigators.
- Requires a learning curve for advanced analysis tools.
- Performance can slow with extremely large datasets.
OSForensics's Support Options
Email Address
info@passmark.comContact
+61 2 9690 0444Documentation
https://www.osforensics.com/wiki/Community Forums
https://forums.passmark.com/OSForensics's Alternatives
Quick View Plus
Quick View Plus is a document viewing software from Avantstar that helps users access various…
eDiscovery Assistant
EDiscovery Assistant is a legal software platform from Minerva that facilitates electronic discovery processes. It…
WebPreserver
WebPreserver is a web archiving software from PageFreezer that captures and stores web pages for…
TunnelVision
TunnelVision is a data visualization software from DXTunnel that provides tools for understanding complex datasets.…
