This is a group that has a very wide reach. We found that there is a lot of "business as usual" in this group and not a lot of really eye-popping innovation.

SiQuest

There are a lot of tools intended to find internet-based artifacts during a forensic analysis of a computer's hard drive. Most of them are pretty good. This product, Internet Examiner Toolkit, or IXTK for short, though, is great. When you start looking at this tool, it is almost as if you started out by asking, “What would I like this tool to do?” and then discovered that, whatever your reply, it does it.

Vendor: SiQuest 

Flagship product: Internet Examiner Toolkit (IXTK) 

Cost: $1,995

Innovation: Internet-based evidence discovery.

Greatest strength: Broad range of internet-based artifacts and support for 17 different languages and real-time collection of live internet evidence.

A couple of highlights: Would you like to be able to extract social media conversations in a foreign language? No problem. IXTK supports 17 of them. How about real-time collection of evidence on the internet? No problem. It does that too. Of course it collects browser artifacts, chat, email and instant messages. But it also grabs pictures, videos, social networking and peer-to-peer communications. It supports Facebook, Skype, Twitter, Kik and YouTube directly and can access just about any popular forensic image format. It can analyze video evidence in a frame-by-frame mode. In short, this almost is the Swiss Army Knife of internet evidence tools.

We say "almost" because, of course, this Innovator is always looking for new things to add and new ways to analyze. This product was created to support the fight against crimes against children. But it goes far beyond that now.

We have used this tool in the SC Lab for several months now and it is clear that it was created by law enforcement for law enforcement. We have yet to find an internet browser in common use that it doesn't support (Internet Explorer, Chrome, Firefox, Safari, Opera), and using it is a walk in the park. That's important because time is critical in an age where virtually every digital forensic lab is backlogged with months of work stacked in the evidence locker, waiting its turn for analysis.

The driving force behind IXTK is a former law enforcement officer with the vision of developing the way internet-based evidence is identified, collected and examined. After using this tool in live investigations, we think there's a pretty good chance he will succeed.