The National Law Enforcement and Corrections Technology Center (NLECTC) has released Field Search.
Design and development of Field Search was initially funded by NLECTC, a branch of the National Institute of Justice. It is now a cooperative volunteer project between KBSolutions, Silent Shield, and NLECTC. The software is a FREEWARE product available to justice system agencies and is officially distributed through the National Law Enforcement and Corrections Technology Center - Corrections Center of Excellence. .
Field Search Software was developed by Jim Persinger of Silent Shield. with design consultation by KBSolutions. The software is specifically designed for Probation and Parole Officers to conduct fast and meaningful exams of offender’s computers in the field. Given changes that accompany the Vista/7/8/10® environment, Field Search may also be a viable tool for First Responders. The easy to use software comes with an 109 page manual to assist field officers in using the application.
While designed to complement classes taught by Certified Field Search Instructors(CFSI), the software can be used by non-technical officers who have not attended the class yet wish to quickly and efficiently search an offender’s computer. Field Search users report success with both Field Search and the knowledge they gain in class.
Field Search software allows officers to accomplish the following tasks within 30 to 45 minutes:
1. Search logical URL and Cookie histories (listings of places web browsers have gone) (FS v 5 now handles Edge Browser)
2. Find all logical images (pictures which still exist as files on the computer).
3. Retrieve all MRUs (most recently used).
4. Retrieve all Link files from system.
5. Search logical files for text or phrases in all languages. (
6. Ability to scan single folders.
7. Opens and searches for images and text in Office 2007+ files.
8. List media available to the user on the system.
9. Copy seized evidence onto removable media.
10. Immediately produce an exportable report which contains system configuration and all evidence tagged for inclusion in the report (with associated path and MAC dates).
11. Export all information into a spreadsheet for further examination.
12. Extract browser (URL) histories from file slack space and volume free space (listings which have been deleted but remain on the drive). This function adds significant time to the examination.
13. Extensive manual in PDF format accompanies the software.
14. Find all logical multi-media files - capture screen shots for the report
15. Extract and sort data from the Recycle Bin
16. Built-in Evidence Zipper Function - zips up files tagged for inclusion in the report. Zip file can be saved on removable media.
17. Easily change the GUI to any language.
18. Powerful Registry Tool now built into Field Search.
19. Examine registry hives on attached volumes.
20. Review chat activity within four popular chat clients.
21. Do a HASH comparison against known HASH sets.
22. Automatically checks for encryption (Truecrypt, PGP, DiskCryptor and Bitlocker). (New in 220.127.116.11)
23. Lists all running processes, can select and put in Final Report.
(New in 18.104.22.168)