Win-LiFT is a Windows Live Forensics Tool consisting of Win-LiFTImagerBuilder and Win-LiFTAnalyzer. Live Forensics involves acquisition of volatile data from the Suspect's machine and analysis of the acquired data. Win-LiFT enables volatile data acquisition using Win-LiFTImager and analysis of the same using Win-LiFTAnalyzer.

Win-LiFTImagerBuilder (Tool for building Win-LiFTImager)

Win-LiFTImagerBuilder, which runs in the Investigator's machine, builds Win-LiFTImager tool.


Win-LiFTImager (Forensic Volatile Data Acquisition Tool)

Facility to select USB/Hard Disk drive to which Win-LiFTImager tool is to be built

Searching and Filtering

Searching and filtering helps to reach analyst's goals faster. Flexible filter expressions are provided for packet level analysis and for data level analysis. The data level filtering supports filtering based on date, time, IP, MAC and port. The regular expression based searching gives the analyst the full power that he expects from a tool.


Other Features

Download Brochure

Contact Details for Techno Commercial Information

Group Head, Cyber Security Group,
CDAC Thiruvananthapuram
email- csg@cdac.in, tpc@cdac.in
Phone : 0471 2781500