For the longest time I have tried to stay away from the idea of data source specific widgets. The idea I was that we should build raw capabilities like the timeline widget or the map widget and then arrange them based on the needs of the data being reviewed. Conceptually the idea made lots of sense to me. After all investigation don’t revolve around data sources, they revolve around the content of the data. The problem with my thought process was that certain data sources namely internet and mobile have so many unique attributes that it is very hard to arrange generic widgets in a manner that accommodates them sufficiently. So instead of turning Quin-C into a demonic game of twister we have decided to embrace data source specific widgets.

Database Parsing

Database Parsing in Quin-C

Databases are everywhere. Every meaningful investigation involves a database in one way or another. Database are used to hold just about everything ranging from simple user preferences to detailed financial information. Their importance to forensics investigations cannot be underestimated. Generally if it is important enough to need to store in a database it is valuable information in one way or another. Often forensics applications extract the data directly from the database and presents it in a way that make things simple for the investor. When that happens all is good and the investigator doesn’t need to even know a DB was involved. But when that doesn’t happen, which is often given the number of applications that utilize DBs, the investigator needs another method for interacting with the DB and this in an area in which Quin-C shines. Quin-C introduced DB forensics as an offering about twelve months ago but that initial offering was limited in scope and capability. Those limitations, have been stripped away in the 20190218 release of Quin-C. This release of Quin-C supports advanced Database analysis that in our opinion rivals or exceeds the capabilities of competitive products.

QView Roadmap & Strategy

QView has finally grown sufficiently large in scope and capability that it is worthy of a blog. My goal here is to drill into QView, explain what it is, where it is going, and hopefully convey at least a small part of the excitement we have in its potential.

