FAW is the first browser that has been designed to acquire websites for Forensics purposes from any web site on the Internet.
The FAW or Forensics Acquisition of Websites program allows the total acquisition, i.e. the complete analysis of the website or just a part of it, with the user quickly and simply choosing what they want to use. Having the bar as tools scrolland the horizontal cursor it is easy for the user to decide which web area of the page he wants to analyze.
Additionally, the application can analyze all pages that contain feeds. The software automatically acquires videos or pages with the help of plug in (JavaScript, jQuery, Flash, etc.).
The program is also designed to work with web pages that contain frames, that is, websites that consist of separate sections, independent of each other. The side scroll bars allow you to navigate between different frames to decide what needs to be acquired by the user.
Plus you can get all types files of the website, including: pictures, archives, documents, executables and Scripts. The details of all scanned files are placed in the Acquisition.xml folder.
Obtaining the objects linked to the page is configured by the user from the menu Configuration> Linked Objects. It is also important that the HTML code of the web pages can be obtained.
-User with WireShark. Wireshark is a network protocol analyzer, widely used in forensics networks, which has flexibility as a reference point. Thanks to special rules for sorting and filtering the researcher can extrapolate and analyze the data quickly. FAW uses the capabilities of Wireshark to capture all traffic on all interfaces in active networks. During the acquisition of the web page, the researcher can make an analysis of all the network traffic that went through to reach the web page. Completion allows you to have a log file in pcap format.
-Automatically calculate the MD5 and SHA1 fragmentation of all acquired files. The application automatically executes the MD5 hash and the SHA1 calculation for all the obtained files. Hash algorithms, especially SHA1 and MD5, are widely used in IT forensics to validate and digitally sign the acquired data. The recent legislation imposes a guarding chain that allows information technology to be preserved mainly by potential post-takeover changes.
-Verification of integrity of the acquisition. This feature enables you to verify the integrity of your market by using a proprietary algorithm to check if all the files that are recorded are not altered.
It is important to note that 9 versions of the program have come out with 8 / 1 / 2014 which means that the program is constantly updated, it is also a freeware program that anyone can download from the download center of the site. Finally, for anyone interested in downloading this program on the Site page, there are specific steps that make navigating the program very easy!
Paraphrastanitis Konstantinos and Papapaschos Nikos @Wikibook
Download
http://www.fawproject.com/en/download.aspx
