E-Detective LAN Interception System

E-Detective is a real-time Internet interception, monitoring and forensics system that captures, decodes and reconstructs many types of Internet traffic. It is used for organisational Internet and behavioural monitoring, auditing, record keeping, forensic analysis and investigation, and for lawful interception by law enforcement and intelligence bodies such as police intelligence, military intelligence, cyber security departments, national security agencies, criminal investigation agencies and counter-terrorism agencies. It is also offered as a compliance solution for standards and acts such as the Sarbanes-Oxley Act (SOX), HIPAA, GLBA, SEC and NASD rules, E-Discovery and others.

E-Detective can decode, reassemble and reconstruct a wide range of Internet applications and services: Email (POP3, IMAP and SMTP), Webmail (Yahoo Mail, Windows Live Hotmail, Gmail etc.), Instant Messaging (Yahoo, MSN, ICQ, QQ, Google Talk, IRC, UT Chat Room, Skype), File Transfer (FTP, P2P), Online Games, Telnet, HTTP (link, content, page reconstruction, upload and download, video streaming) and VoIP (optional module).

E-Detective ships with a wide variety of management and administrative functions. It offers several report types with a top-down view, including a total throughput statistical report, network service reports (daily or weekly) and a top websites report. All statistics can be shown per IP address or per user account.

E-Detective also provides several search functions: free-text search (keywords with Boolean operators), conditional search, similar search, and association and relationship search. Its alert and notification functions (throughput, conditional and keyword alerts) let the network administrator define alert rules and parameters, so that an alert is raised (an email is sent to the administrator) as soon as the specified content appears in the captured and reconstructed traffic.

E-Detective's backup function lets the user back up the captured raw data files or the reconstructed content. Automatic backup to an external drive (NAS or SAN) is done by FTP upload; since FTP carries both credentials and data in the clear, that transfer should stay on a trusted network. Alternatively, the user can back up manually by burning the files to CD/DVD or downloading them to a local hard drive/PC. Other functions include bookmarks, a capture file list with file content comparison, an online IP list, authority (rights) assignment, a syslog server, and hashed export, where a hash of each exported file is recorded so that the exported evidence can later be checked for alteration.

Wireless Detective

Wireless Detective is a complete Wireless LAN (WLAN) lawful interception and forensic investigation solution for intelligence-related units and agencies such as police, military, criminal investigation departments and national security departments. It is intended to trace and identify illegal Wireless LAN Internet activity or transactions and to preserve the resulting evidence.

Wireless Detective is the smallest and lightest WLAN forensics investigation tool available. It consists of a small laptop (12.1-inch screen) running a Linux-based OS with the Wireless-Detective software installed. Because of its size, a forensic professional can carry it to any location (restaurant, shopping mall, airport, café, hotspot etc.) for lawful interception and investigation without attracting public notice and, more importantly, without the suspect or target being aware of it. It scans all WLAN channels (802.11a/b/g, 2.4 GHz and 5 GHz bands) to capture WLAN traffic from the available Wi-Fi networks, decrypts WEP-encrypted networks (WPA-PSK with an optional module), automatically or manually, decodes and reconstructs the captured WLAN raw data, stores both the raw capture and the reconstructed data in its database, and displays them in their original content format, which makes it an all-in-one WLAN interception and forensic investigation tool. Note that decryption always depends on the key: a WEP key can be recovered from enough captured traffic, whereas WPA-PSK decryption needs the passphrase and the captured four-way handshake of each client. The Wireless-Detective management interface (a web GUI accessed through a browser) is straightforward to operate and manage.

Wireless Detective decodes and reconstructs WLAN Internet traffic in real time, including Email (POP3, SMTP, IMAP), Webmail (Gmail, Yahoo Mail, Windows Live Hotmail etc.), Instant Messaging/Chat (MSN/Windows Live Messenger, Yahoo Messenger, IRC, ICQ, QQ, UT Chat Room, Google Talk/Gmail chat, Skype voice log), FTP, P2P, Online Games, TELNET and HTTP (URL link, content, page reconstruction, download/upload, video stream). After decoding and reconstruction, the captured traffic is listed in its menu by protocol/category type, in its original content format. Keyword search and parameter-based (conditional) search support further forensic investigation and analysis. All WLAN investigation work is therefore conducted on one machine, which shortens the overall investigation process.

Because of these advantages over other available wireless forensic tools, many forensic professionals around the world have adopted Wireless Detective as their tool for lawful interception and investigation. Its mobility, feature set, reliability and all-in-one design have earned their trust in fighting Internet fraud, high-tech crime and terrorism conducted over Wi-Fi networks.

E Detective Decoding Centre (EDDC)

E-Detective Decoding Centre (EDDC) is a Linux-based centralised system for offline parsing and reconstruction of Internet raw data files. It parses (decodes and reconstructs) raw data files in PCAP format collected from different sources. Such files (captured Internet packets) can be collected from an Ethernet/LAN or a WLAN network with packet capture or sniffing tools such as Ethereal (now Wireshark), tcpdump and WinDump.
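As an added example (not EDDC code), the following is a minimal offline parser for a classic libpcap file that reassembles each TCP direction by sequence number. This is the first stage of any "decode and reconstruct" pipeline: only once the byte stream is rebuilt can an HTTP request or SMTP transaction be parsed out of it. A three-frame capture (out-of-order delivery plus one retransmission) is constructed inline so the example runs with no input file. One practical caveat: current Wireshark versions save pcapng by default, which this parser (like any tool that expects classic PCAP) rejects, so save captures as classic pcap for such importers.

```python
"""Classic pcap reader with per-flow TCP stream reassembly."""
import struct
from collections import defaultdict

PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"   # 0xA1B2C3D4 written little-endian
PCAP_MAGIC_BE = b"\xa1\xb2\xc3\xd4"


def build_pcap(frames, linktype=1):
    """Constructed input: little-endian classic pcap with Ethernet link type."""
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    recs = [struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
            for i, f in enumerate(frames)]
    return ghdr + b"".join(recs)


def tcp_frame(src, dst, sport, dport, seq, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums are zero (not checked here)."""
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0, src, dst)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload


def iter_pcap(data):
    """Yield (timestamp, frame) for each record; classic pcap only, not pcapng."""
    if data[:4] == PCAP_MAGIC_LE:
        e = "<"
    elif data[:4] == PCAP_MAGIC_BE:
        e = ">"
    else:
        raise ValueError("unsupported magic: not a classic pcap file")
    off = 24                                          # global header size
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig = struct.unpack(e + "IIII", data[off:off + 16])
        off += 16
        yield ts_sec + ts_usec / 1e6, data[off:off + incl_len]
        off += incl_len


def tcp_segments(data):
    """Yield (flow, seq, payload) for every Ethernet/IPv4/TCP segment carrying data."""
    for _ts, frame in iter_pcap(data):
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                  # not IPv4 over Ethernet
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != 6:
            continue                                  # not TCP
        total_len = struct.unpack("!H", ip[2:4])[0]
        tcp = ip[ihl:total_len]
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload:
            yield (ip[12:16], sport, ip[16:20], dport), seq, payload


def reassemble(data):
    """Rebuild each unidirectional TCP stream: retransmissions dropped, overlaps
    trimmed, gaps marked so the analyst sees lost data. (Sequence-number
    wrap-around is ignored for brevity.)"""
    flows = defaultdict(list)
    for flow, seq, payload in tcp_segments(data):
        flows[flow].append((seq, payload))
    streams = {}
    for flow, segs in flows.items():
        segs.sort()
        buf, nxt = bytearray(), segs[0][0]
        for seq, payload in segs:
            if seq + len(payload) <= nxt:
                continue                              # already have these bytes
            if seq > nxt:
                buf += b"[%d bytes missing]" % (seq - nxt)
                nxt = seq
            buf += payload[nxt - seq:]
            nxt = seq + len(payload)
        streams[flow] = bytes(buf)
    return streams


def demo():
    """Client->server HTTP request split in two, delivered out of order, then retransmitted."""
    client, server = b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02"
    request = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
    first, second = request[:20], request[20:]
    frames = [
        tcp_frame(client, server, 40000, 80, 1020, second),   # arrives first
        tcp_frame(client, server, 40000, 80, 1000, first),
        tcp_frame(client, server, 40000, 80, 1000, first),    # retransmission
    ]
    return reassemble(build_pcap(frames))[(client, 40000, server, 80)]
```

A real reconstruction engine adds the pieces deliberately left out here (pcapng, IPv6, VLAN tags, sequence wrap, bidirectional pairing of flows and IP fragment reassembly), but the ordering and de-duplication logic in `reassemble` is the core of what turns a capture into evidence.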

EDDC includes features that let different forensic investigators identify project- or case-specific offline raw data files for decoding and reconstruction on one system. The administrator can create separate user accounts and separate investigation cases for the various users, forensic professionals or investigators, and can assign different rights and access levels to control who may see the reconstructed data of each case. Users then import the raw data files they have collected into the system to run the parsing and analysis.

EDDC lets Internet content forensics tasks be carried out easily and systematically to obtain the information and evidence needed from the collected raw data files. It is aimed at police intelligence services, military intelligence organisations, intelligence bureaus, national security agencies, government intelligence agencies and other forensics-related agencies conducting Internet content forensics in support of their investigations.

HTTPS/SSL Network Packet Forensics Device

The HTTPS/SSL Network Forensics Device (HTTPS/SSL Interceptor) is designed specifically for forensic use, where it is employed to decrypt HTTPS/SSL traffic. It can be used by law enforcement bodies, police, investigation units, forensic firms and government departments to track or monitor a suspect's HTTP and HTTPS activity on the Internet. The device integrates the E-Detective web reconstruction functions (HTTP link and HTTP content), which let the administrator view the content of both plain and secured web pages.

The HTTPS/SSL Interceptor works in two modes: 1. man-in-the-middle (MITM); and 2. offline decryption of captured HTTPS raw data when the server's private key is available. In MITM mode it acts as a proxy for the targeted PC or suspect: all traffic from the target is redirected through the interceptor, so when the target connects to an SSL server the interceptor obtains the genuine server certificate while returning its own generated certificate to the target. It thereby terminates the session on both sides and can decrypt the HTTPS traffic. This works only if the target's browser accepts the generated certificate (for example because the interceptor's CA certificate has been installed on it); otherwise the user sees a certificate warning, and certificate pinning or HSTS can block the connection outright. In offline mode, given captured HTTPS raw data, the interceptor can decrypt the traffic if the server's private key is available. This applies only to sessions negotiated with RSA key transport, where the client encrypts the premaster secret to the server's public key; with (EC)DHE key exchange, and in every TLS 1.3 session, the private key only signs the handshake and cannot recover the session keys. Login usernames and passwords, such as Google or Gmail, Yahoo Mail and eBay logins, can be captured by the interceptor once the traffic is decrypted.
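Whether the offline mode can succeed on a given capture is decided by the cipher suite in the ServerHello, so the check below is worth running before asking anyone for a private key. This is an added example, not Decision Group code: it parses a TLS handshake record holding a ServerHello and reports whether the negotiated suite uses RSA key transport (offline-decryptable with the server key) or an ephemeral (EC)DHE exchange (not decryptable that way). The ServerHello records are constructed inline, and the suite table lists common IDs only.

```python
"""Decide from a captured ServerHello whether the server's RSA key can decrypt the session."""
import struct

# Suites whose key exchange encrypts the premaster secret to the server's RSA key.
RSA_KX_SUITES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x009D: "TLS_RSA_WITH_AES_256_GCM_SHA384",
}
# Forward-secret suites: the server key only signs, the session keys are ephemeral.
FORWARD_SECRET_SUITES = {
    0x009E: "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x1301: "TLS_AES_128_GCM_SHA256",          # TLS 1.3 suites: always (EC)DHE
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
}


def build_server_hello(cipher_suite, session_id=b""):
    """Constructed TLS record carrying a ServerHello (legacy version 1.2, no extensions)."""
    body = (b"\x03\x03" + b"\x11" * 32 + bytes([len(session_id)]) + session_id
            + struct.pack("!H", cipher_suite) + b"\x00")
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def parse_server_hello(record):
    """Return (legacy_version, cipher_suite) from a handshake record holding a ServerHello."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != 0x02:
        raise ValueError("handshake message is not a ServerHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version = body[0:2]                         # TLS 1.3 still says 0x0303 here
    sid_len = body[34]                          # after 2-byte version + 32-byte random
    cs_off = 35 + sid_len
    return version, struct.unpack("!H", body[cs_off:cs_off + 2])[0]


def offline_decryptable(record):
    """(True, suite name) if the server's RSA private key alone can decrypt the session."""
    _, cs = parse_server_hello(record)
    if cs in RSA_KX_SUITES:
        return True, RSA_KX_SUITES[cs]
    return False, FORWARD_SECRET_SUITES.get(cs, "0x%04X (not in the RSA key-transport list)" % cs)
```

The check keys on the suite ID rather than the version field because a TLS 1.3 ServerHello still carries 0x0303 in its legacy version field and signals 1.3 only through the supported_versions extension; the 0x13xx suites are unambiguous on their own.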

VoIP Detective

VoIP Detective captures, decodes and reconstructs VoIP sessions (RTP sessions) and allows voice calls on the network to be played back. All voice call content can be stored and backed up for later reference. The supported signalling protocols are SIP (the most widely used) and H.323; the supported codecs are G.729, G.711 A-law and G.711 μ-law, G.723, G.726 and iLBC.
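To make the "capture, decode, play back" chain concrete, here is an added example that is not VoIP Detective code. It parses RTP packets, orders them by sequence number, decodes G.711 μ-law (payload type 0) and A-law (payload type 8) to 16-bit linear PCM and wraps the result in a WAV container for playback. The two-packet stream is constructed inline and captured out of order on purpose; the other codecs the product lists (G.729, G.723, G.726, iLBC) need a real codec implementation and are skipped here.

```python
"""RTP parsing, sequence ordering and G.711 decoding to a playable WAV."""
import io
import struct
import wave


def parse_rtp(pkt):
    """Parse an RTP (RFC 3550) header; the payload is returned without CSRCs,
    header extension or padding."""
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", pkt[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    off = 12 + 4 * (b0 & 0x0F)                     # skip CSRC identifiers
    if b0 & 0x10:                                  # header extension present
        _, ext_words = struct.unpack("!HH", pkt[off:off + 4])
        off += 4 + 4 * ext_words
    payload = pkt[off:]
    if b0 & 0x20 and payload:                      # padding: last byte is pad length
        payload = payload[:len(payload) - payload[-1]]
    return {"pt": b1 & 0x7F, "marker": bool(b1 & 0x80), "seq": seq,
            "ts": ts, "ssrc": ssrc, "payload": payload}


def ulaw_decode(u):
    """G.711 mu-law byte -> 16-bit linear PCM (the classic g711.c expansion)."""
    u = ~u & 0xFF
    t = (((u & 0x0F) << 3) + 0x84) << ((u & 0x70) >> 4)
    return (0x84 - t) if u & 0x80 else (t - 0x84)


def alaw_decode(a):
    """G.711 A-law byte -> 16-bit linear PCM; note the inverted sign convention."""
    a ^= 0x55
    seg = (a & 0x70) >> 4
    t = (a & 0x0F) << 4
    if seg == 0:
        t += 8
    elif seg == 1:
        t += 0x108
    else:
        t = (t + 0x108) << (seg - 1)
    return t if a & 0x80 else -t


DECODERS = {0: ulaw_decode, 8: alaw_decode}        # static payload types PCMU / PCMA


def decode_stream(packets):
    """Order packets by RTP sequence number (signed 16-bit distance from the first
    packet seen, so small reorderings across the wrap are handled) and decode
    the G.711 payloads; other payload types are skipped."""
    parsed = [parse_rtp(p) for p in packets]
    base = parsed[0]["seq"]
    parsed.sort(key=lambda p: ((p["seq"] - base + 0x8000) & 0xFFFF) - 0x8000)
    samples = []
    for p in parsed:
        dec = DECODERS.get(p["pt"])
        if dec is not None:
            samples.extend(dec(b) for b in p["payload"])
    return samples


def to_wav(samples, rate=8000):
    """Wrap 16-bit mono PCM in a WAV container for playback."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(rate)
        w.writeframes(struct.pack("<%dh" % len(samples), *samples))
    return buf.getvalue()


def build_rtp(seq, ts, payload, pt=0, ssrc=0x1234ABCD):
    """Constructed RTP packet (V=2, no padding, extension or CSRC)."""
    return struct.pack("!BBHII", 0x80, pt, seq, ts, ssrc) + payload


SAMPLE_PACKETS = [                                  # constructed, deliberately out of order
    build_rtp(2, 160, bytes([0x00, 0x80])),         # loudest negative and positive samples
    build_rtp(1, 0, bytes([0xFF, 0x7F])),           # mu-law silence
]
```

In a real capture the RTP payload type for G.711 is confirmed against the SDP in the SIP INVITE/200 OK rather than assumed, and packets from the two directions of a call are separated by SSRC before decoding.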

Network Investigation Toolkit

Cyber crime (illegal and unauthorised Internet use) has grown in recent years with the open communications policies of many countries. Early attempts to prevent, curb and detect this activity with content filtering and application or service blocking have failed, because there are too many ways around them. Terrorists exploit every possible channel of communication over the Internet. Politicians use it to spread propaganda and messages to their supporters. Illegal betting organisations use it for illegal transactions. Drug and weapons dealers use it to close smuggling deals. School and university students download unauthorised MP3s, films and software. More and more people use the Internet for their own ends in all sorts of ways, and the online population has grown enormously in recent years.

Network Investigation Toolkit (NIT) is designed by Decision Group for law enforcement agencies (police, military, criminal investigation agencies, national security agencies, cyber security agencies, counter-terrorism departments, forensic investigators etc.) to conduct network-based forensic investigation on wired or wireless LANs. NIT is a portable, laptop-based unit with comprehensive network forensics features that can be carried to any location for network-based investigation. It can intercept targeted networks or users to collect the necessary evidence and trace the source of a communication. Its distinguishing capability is the combination, in one system, of LAN real-time interception, WLAN real-time interception, HTTPS/SSL MITM interception on both LAN and WLAN, and offline analysis and reconstruction of pre-captured raw data files. A 3.5G/HSDPA USB adapter is included so that the user can remotely access and manage the system.