FAW is the first browser designed to capture web pages for forensics purposes from any web site on the Internet.network.
The FAW or Forensics Acquisition of Modern it allows the total acquisition, i.e. the complete analysis of the web page or just a part of it, the user choosing quickly and simply what he wants to use. Having as tools the scroll bar and the horizontal cursor it is easy for the user to decide which web area of the page he wants to analyze.
In addition, the application can analyze all pages that contain data streams. The software automatically acquires the videos or pages with the help of plug-ins (JavaScript, jQuery, Flash, etc.).
The program is also designed to work with web pages that contain frames, that is, websites that consist of separate sections, independent of each other. The side scroll bars allow you to navigate between different frames to decide what needs to be acquired by the user.
Additionally you can get all types of website files including: pictures, αρχεία, έγγραφα, εκτελέσιμα και Scripts. Τα data of all scanned files are placed in the Acquisition.xml folder.
Obtaining the objects linked to the page is configured by the user from the menu Configuration> Linked Objects. It is also important that the HTML code of the web pages can be obtained.
-User with WireShark. Wireshark is a network analyzer protocol, widely used in forensic networks, which has a benchmark of flexibility. Thanks to specific rules for sorting and filtering the researcher can extend and analyze the data quickly. FAW uses Wireshark's capabilities to capture all traffic on all interfaces on active networks. During the acquisition of the website, the researcher can analyze the entire traffic of the network that has been passed to reach the Web page. Completing allows you to have a log file in pcap format.
-Automatically calculate the MD5 and SHA1 fragmentation of all acquired files. The application automatically executes the MD5 hash and the SHA1 calculation for all the obtained files. Hash algorithms, especially SHA1 and MD5, are widely used in IT forensics to validate and digitally sign the acquired data. The recent legislation imposes a guarding chain that allows information technology to be preserved mainly by potential post-takeover changes.
-Verification of integrity of the acquisition. This feature enables you to verify the integrity of your market by using a proprietary algorithm to check if all the files that are recorded are not altered.
It is important to note that 9 versions of the program have come out with 8 / 1 / 2014 which means that the program is constantly updated, it is also a freeware program that anyone can download from the download center of the site. Finally, for anyone interested in downloading this program on the Site page, there are specific steps that make navigating the program very easy!
Paraphrastanitis Konstantinos and Papapaschos Nikos @Wikibook
Download
http://www.fawproject.com/en/download.aspx
