I used to conduct raw search in EnCase v6, and I'd like to see if EnCase v7 raw search could hit keywords inside compound files or not. You won't believe it~search results is 0 but those keywords do exist inside compound files...Let my show you my test as below:

Scenario:

Two compound files, one is a docx and the other is a xlsx. Two keywords, one is "password",and the other is "密碼".

1. Evidence Processing( expand compound files option is checked) completed.

2. word.docx

3. excel.xlsx

4. Conduct raw search

5.Search result = 0

As you could see that those keywords do exist in those two compound files, but no any hits...

EnCase v7 search hits in compound files?的更多相关文章

  1. How to search compound files

    Last week my friend told me that she made a terrible mistake. She conducted raw serch and found no s ...

  2. [DFNews] EnCase v7.08发布

    EnCase v7.08 近日正式发布,7.08增加了Evidence Processor Manager以及Evidence Processor,不仅可以在本地实现证据处理队列,也支持了通过网络进行 ...

  3. Something wrong with EnCase index search in Unallocated area

    hi, My EnCase version is v7 and I found a terrible issue about index search in Unallocated area. Wit ...

  4. [Linux] Search the contents of files using grep

    Learn the basic syntax for using grep to search the contents of a single file or files. It's like CM ...

  5. EnCase v7 could not recognize Chinese character folder names / file names on Linux Platform

    Last week my friend brought me an evidence file duplicated from a Linux server, which distribution i ...

  6. [IR课程笔记]Hyperlink-Induced Topic Search(HITS)

    两个假设 1. 好的hub pages: 好的对某个主题的hub pages 链接许多好的这个主题的authoritative pages. 2. 好的authoritative pages: 好的对 ...

  7. EnCase v.s. FTK - find out Chinese characters writing in different direction

    A friend of mine said to me that she could fool those forensic tools easily by changing writing dire ...

  8. Lucene add、updateDocument添加、更新与search查询(转)

    package com.lucene;   import java.io.IOException;   import org.apache.lucene.analysis.standard.Stand ...

  9. 关于Eclipse Debug断点调试出现 Search not found 页面的解决办法

    1. 在代码中鼠标右键 Debug AS ---> Debug Configurations... ----> 找到Source选项  ---> 点击add ---> 选择 j ...

随机推荐

  1. DPI和像素

    像素(Pixel) 对于计算机的屏幕设备而言,像素(Pixel)或者说px是一个最基本的单位,就是一个点.其它所有的单位,都和像素成一个固定的比例换算关系.所有的长度单位基于屏幕进行显示的时候,都统一 ...

  2. 简单数据访问类,生成简单SQL,自动转换成java对象

    import java.util.HashMap; import java.util.List; import java.util.Map; import org.slf4j.Logger; impo ...

  3. unix 中 ps -ef命令详解

    ps -ef 查看正在活动的进程 ps -ef |grep abc 查看含有"abc"的活动进程 ps -ef |grep -v abc 查看不含abc的活动进程 1)ps a 显 ...

  4. SOA 与 DDD

    SOA是技术架构方面,Evans DDD则是哲学方法论方面,所属方向不一样,或者说两者非常的无关.甚至是两个不同方向.使用DDD可以将系统从无到有到大建立起来,而大到一定程度,就需要SOA,整合异构. ...

  5. Yii 框架中带有区间的搜索

  6. Python深入05 装饰器

    作者:Vamei 出处:http://www.cnblogs.com/vamei 欢迎转载,也请保留这段声明.谢谢! 装饰器(decorator)是一种高级Python语法.装饰器可以对一个函数.方法 ...

  7. 打造高性能Java应用需掌握的5大知识

    这篇文章节选自<java performance>,对java性能比较关心的同学大概都知道这本书,性能这个东西可能是很多同学在日常写java code的时候很少去关心的,但是在我们写cod ...

  8. CRM报表打印

    删除路径下的文件 C:\Windows\Downloaded Program Files\rsclientprint.dll路径下的这个dll文件,重新登录crm选择一个面单点击打印按钮重新安装插件

  9. ubuntu 14.04 安装git server

    版本信息 ubuntu : 14.04.1 git version 1.9.1 perl v5.10.1 ssh OpenSSH_6.6.1p1 本次安装的git server使用gitolite实现 ...

  10. requestDisallowInterceptTouchEvent

    ViewPager来实现左右滑动切换tab,如果tab的某一项中嵌入了水平可滑动的View就会让你有些不爽,比如想滑动tab项中的可水平滑动的控件,却导致tab切换. 因为Android事件机制是从父 ...