Create full-disk forensic images and process a wide range of data types from many sources, from hard drive data to mobile devices, network data and Internet storage, all in a centralized, secure database. FTK® processes and indexes data upfront, eliminating wasted time waiting for searches to execute. Cut down on OCR time by up to 30% with our efficient OCR engine.
FTK® Forensic Toolkit
The Gold Standard in Digital Forensics For Over 15 Years
Features & Capabilities
Full-Disk Forensic Images
Create full-disk forensic images and process a wide range of data types from many sources, from hard drive data to mobile devices, network data and Internet storage, all in a centralized, secure database. FTK® processes and indexes data upfront, eliminating wasted time waiting for searches to execute. Cut down on OCR time by up to 30% with our efficient OCR engine.
Decrypt Files & Crack Passwords
Decrypt files, crack passwords, and build reports with a single solution. Recover passwords from over 100+ applications. Decrypt a computer drive encrypted by the latest version of McAfee Drive Encryption and features L01 export support, which eases the workflow of users when data must be used within multiple tools.
Parse Registry Files
Parse registry files and Windows system information files in an easy to read, interactive and reportable tab. Label, bookmark and export individual objects per category, allowing for easy searching, filtering and reporting.
Locate, Manage and Filter Mobile Data
Locate, manage and filter mobile data more easily with a dedicated mobile tab. Use the message application filter to quickly isolate data from message applications like WhatsApp or Facebook.
Collect, Process and Analyze Datasets Containing Apple File Systems
Collect, process and analyze datasets containing Apple file systems that are encrypted, compressed or deleted. FTK® Supports decryption of File Vault 2 from the APFS file system, as well as importing and parsing of AFF4 images created from Mac® computers (generated by third-party solutions like Cellebrite Digital Collector).
Visualization Technology
Visualization technology that helps you get a clearer picture of events by displaying your data in timelines, cluster graphs, pie charts, geolocations, and more. Dig deeper and view all EXIF data, including location, make and model of the device used to capture images or video
A Quick Look Inside The Product
Introducing FTK® 8.0
Solve complex cases faster with FTK's brand new interface designed to lead investigators directly to key evidence. Eliminate the hours spent manually digging for the data types you’re interested in. FTK 8.0 intelligently categorizes and displays data artifacts to help you pinpoint key evidence FASTER!
Get A Free FTK® DemoSee What Our Clients Are Saying
Yian Sun
Senior Forensics Specialist, CYTER
The Australian-based consulting firm, CYTER, was engaged by a large law firm to provide e-discovery consulting services for a major government investigation. The engagement was large and highly sensitive, making evidence discovery crucial, so they chose FTK. After the law firm received CYTER’s ECA, they used a different tool—a competitor to FTK—to reprocess the same raw data. To the astonishment of everyone, the competitive tool surfaced just 10% of the data that FTK harvested.
Explore Other Exterro ClientsRelated Resources
~ Select Clients ~
