Â
THE INTELLIGENT AGENT
EDISCOVERY - DIGITAL FORENSICS - MALWARE DETECTION - IT COMPLIANCE
Unlike 'dumb' agents used to create indexes, the ISEEK Intelligent Agent can be deployed across networks in minutes to run independently on each system for extremely fast results. By creating its own virtual machine in memory, ISEEK can perform a range of tasks, from identifying malware in an email attachment to collecting Windows Registry Hives from running machines. ISEEK's literal string search and raw disk-reading capabilities means it does not rely on the operating system or installed applications to locate artifacts meeting the search criteria, regardless of the language used or their complexity.
Â
INNOVATION IN PRACTICE
DIGITAL FORENSICS
The typical approach to forensic processing relies on existing partition tables and file tables, but then has to resort to the crude salvage approach whenever it fails to identify a file system on a disk. Instead, ILOOKix makes no assumptions that the partition tables and other filesystem structure is intact but scans the entire disk using custom algorithms to locate filesystem artifacts. This enables ILOOKix to be unique in its ability to rebuild folder structures and recover intact files complete with their metadata, even in Ext3/Ext4 filesystems and Windows Volume Shadow Copies.
​
Based around MS SQL Server, ILOOKix has the capacity to handle massive cases without 'freezing' or slowing down, even when being run in a virtual environment and on standard hardware.
Volume shadow copies are automatically processed and added to the folder tree while Windows Registry Hives and associated artifacts are rendered on their own tab.
​
​ILOOKix is unique in being able to recover deleted files from volume shadow copies and even Ext3 and Ext4 filesystems.
ILOOKix's capacity to automatically deconstruct any SQLite database (which it converts and displays as a spreadsheet) and numerous other file types is done to present the data in the easiest form for review by the practitioner.
​
