The core component of the software is an efficient Indexing Engine performing different preliminary analysis operations during the import phase of each piece of evidence. PTK allows simultaneous management of different cases and multi-user profiling. Investigators can work on the same case at the same time. All reports and bookmarks generated by an investigator are saved in a reserved section of the Database. PTK forensics is a complex web application based on very innovative technologies and builds an appealing, highly dynamic and very easy to use interface. Its developers used the PHP language and a back-end MySQL database implementing thus the LAMP structure (Linux-Apache-MySql-PHP).
-Efficient File Analysis
-Indexing Keyword Search
-Personal Bookmark Section
-Case features shared by: Multiple investigators and case lock
-Easier to use, PTK is based on Ajax.
-PTK is a dynamic web application with centralised -Database. More investigatots can work on the same case at te same time.
-Possibility to analyze the Memory Dump.
-Can be extended through other opensource tools.
-A log of all operations performed by the investigators is kept.
-Preliminary tests haven’t evinced problems.
-Many browsers are supported.
-PTK is a forensic analysis interface; in fact, PTK does not address incident response issues.
-Its main aim is to help small groups of investigators execute complex consultancy quickly and efficiently.