Computer Forensics Labs Paraben P2 Explorer Lab

FacebookTwitterGoogle+LinkedInEmail
Description
This lab introduces you to the P2 Explorer, a freeware tool that examines hard disk images.  This tool is used for examining single or multiple computers, cell phones, network systems, any hard drive system. The lab demonstrates the installation, configuration and then shows you how to use it and shows you what information is displayed.  It’s an excellent tool for visually displaying detailed information in summary format of all the devices connected to your network, well beyond what the basic Windows Explore display provides. [toggle_content title="Transcript"] Hi, Leo Dregier here. I want to talk to you about a program called P2 Explorer. It’s just something that you can easily find and download on the Internet, so here’s P2 Explorer, and let’s go ahead and run through the install. I’m going to accept the terms. Choose where you want to install it, uh, and then go ahead and just run through the install and it will just take a second for it to go ahead and install. This specifically is a uh, a freeware version. Um, you can see that it popped up, you know, cannot verify the publisher of the device software. Okay, that’s fine. Install it anyway, and, and basically just, you know, click, click, click, click, click all the way through. Uh, give it a chance to run and uh, it will go ahead and create an icon on your desktop called P2 Explorer. So we’re just going to go ahead and give it a second here and let the install finish. Okay, great. It took a second for it to finish installing, but it looks like it finished without a hiccup, as it normally should have. Okay, so that’s great. Now we can go in, launch it. Uh, P2 Explorer. Okay, here we go. So, specifically what this is, is it’s the um, uh, Paraben’s Device Seizure, the only complete edition for cell phone. It does email registry, Internet detection, porn detection, and so much more. And if you want you can click on those icons there and uh, you know, it will open the web page, uh, but at the moment I’m not connected to the Internet. So, what I have here is basically the uh, the Explorer way, the Explorer way of looking at this. So you can see right from the get go it um, doesn’t look like too much of an impressive program. Okay? So if I hit File I can unmount or unmount all. That would be all these options down in here. Uh, I can select and add in different columns but notice they’re all checked by default. Uh, I can also change the order of them. I would probably leave all of that just by itself. Um, I can calculate the MD5 hash along with it. That’s kind of nice in terms of an, uh, of an option. Okay? And then basically you can see, you can go in and uh, see this program run. Um, so for example if I wanted to grab something from my C: drive and basically look at it or any sort of connected device, I basically can get right in there, so I’m looking at that. So these are the different drives that I have mounted to this computer. So if I had more than one drive, you know, I can go grab it, all right, and add it in. So it’s a great way of basically looking at all of the different mounted programs and applications that you have um, if you’re doing multiple forensic investigation with multiple drives. The, not to say you realistically couldn’t use Windows Explorer for this, uh, but it’s nice to have it all very nice and clean uh, and nice summary uh, from this point of view as opposed to um, let’s just say, uh, this point of view over here in the computer. Okay? So while we can realistically change that to something like Details or something like that and we can even go in and look at File Systems, any sort of Comments, uh, Network Locations, or you know, the percentage full of the drive. Um, it kind of runs out and it’s not as pretty to look at. So in P2 Explorer you can uh, get a nice summary of all of the things you have connected to your computer. So, I like it specifically for that reason. Uh, but it’s a way you can look at, you know, all your um, mounted devices or all the things that you have connected to your computer. Okay? So that’s the, that’s the uniqueness of a P2 Explorer. Okay? Uh, it, it’s basically just a, a simple program that you can summary level and you can look at all of the things that are connected to your computer uh, when you’re doing the analysis. Yeah, it doesn’t seem impressive but when you’re, circuiting, you know, 20 and some odd drives connected to your computer because you’re doing a lot of analysis it definitely helps. It’s fast, it’s efficient, um, and give it a try. It’s um, Paraben’s P2 Explorer and it will definitely help you in your network and forensics investigation process. My name’s Leo Dregier, thank you for watching. [/toggle_content]
Recommended Study Material
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel