A user’s Outlook data for IMAP, POP3, and web-based mail accounts are stored in the Microsoft Outlook PST file. It holds a tree structure with nodes & leaves to store items within the folder. Custodian Outlook PST email files have three basic parts to be analyzed i.e. headers, body & attachments that preserve evidence. Users can Search inside PST Files without Outlook using the forensics software mentioned below.
Carl Wilson: Reporting 24X7 from HOLLADAY
Carl Wilson | September 25, 2020 | 12:15:10Since two days, the LIVE CHAT panel repeatedly popped up with a query that stated, “Looking for a solution to perform search inside PST files without having Outlook installed. Please help”. So, here goes the most preferable solution (Always love to figure out some time for my clients from the busy schedule!). The solution postulated can come up with use to digital forensic investigators, attorneys, law enforcement agencies, and even to the corporate administrators too.
For forensic investigators, it is not always possible to have MS Outlook installed on the machine as the additional requirement. But the need to investigate or peep into Outlook PST files can come up anytime and anywhere.
Best Solution to Search Inside PST Files Without Outlook!
In order to search inside PST files without Outlook, the most appropriate solution available till this date is MailXaminer Email Examiner Software. It is a specialized forensic tool, which can be used to search for evidence inside the PST files without Outlook. Make sure that the evidence PST file has been exported to the same machine on which the software exists.
NOTE: – If you don’t have the software installed, then you can get it by placing an order from the following section: –
https://www.mailxaminer.com/buy.html
For the demo version, to get an insight into the tool, contact at: –
https://www.mailxaminer.com/download.html
Highlighted Features of this Forensic Tool
This Email Forensics Tool allows searching inside the PST file without installation of Microsoft Outlook Email Client. It provides the following features:
- Facilitate multiple email view for the forensic analysis of damaged, password-protected & healthy PST files.
- Dig into suspected PST file & search for the evidence by using specific keywords and various search algorithms.
- It allows filtering of duplicate items while exporting the analyzed data in a required file format.
- The tool enables to create an evidence list with bookmarked selected emails & attachments.
- Tool provides multiple searches based on advanced algorithms such as General, Proximity, Regular Expression, Stem, Fuzzy, and Wildcard Searches.
- Multiple analytics options available to perform systematic evidence search i.e. Timeline analysis, Entity analysis, Link analysis, and Word Cloud analysis.
- Provides OCR technology to examine textual data from image attachments in emails.
- Facilitate forensic video analysis according to its sensitivity level.
- Its bookmark and tagging feature allows users to save evidential facts for further investigation.
How to Analyze PST Files & Search Inside PST Files Without Outlook?
To search the data present inside the PST file without Outlook, download and launch the above mentioned software and follow steps given below to perform the search operation.
Step 1: Case Management
For PST file examination, firstly user needs to add the suspected PST file into the software by creating a new case. If the user has previously created and saved any case, then it can be opened to resume examination. On the other hand, Delete Case and Edit Case options can be used to modify any pre-existing cases.
Step 2: Add PST File
To add the file into forensic software for examination, click on Add New Evidence button. A new window will pop-up. Here, select Microsoft Outlook (*.pst) option from the Email Client options and browse the suspected PST data file to add it into the software.
NOTE: – User is not required to install Microsoft Outlook to perform any kind of operation on Microsoft Outlook if the user is following this method.
Step 3: Search Option
Once the PST file gets uploaded and scanned by the software, one can search inside PST files without Outlook to perform in-depth investigation of the files. For that, go to Search section of the tool by clicking on the Search option, which is available on the left menu panel. It provides several searches based on advanced algorithms such as General Search, Proximity Search, Regular Expression, Stem Search, Fuzzy Search, and Wildcard Search. With the help of these searching options, users can extract the required evidential files in a hassle-free manner.
Step 4: Use Search Filters and Logical Operators
The tool provides options to customize the search by adding filters while searching for evidence in files. Use Filters button and Logical Operators such as AND, OR, NOT to make the search result more accurate.
Step 5: Extract Evidence with Keyword Searches
In the Keywords section of the tool, users can instantly fetch the evidential files by providing related keywords. In this process, tool automatically scans the entire email files, and extracts resultant files which corresponds to the mentioned keywords. Any number of keywords can be provided by the user in order to customize the searching of evidential data.
With more exploration of the available features, techies can search inside PST files without Outlook installed with this powerful software.
Conclusion
In order to perform email forensics analysis of suspected Outlook PST files, one has to find the artefacts related to the occurred cybercrime. For this scenario, the above mentioned software is most suitable. It proves to be one of the most power-packed and super-fast software, which works with 100% precision because of its advanced functionalities. This forensic tool not only lets you search inside PST files without Outlook, but also performs a variety of searches on data file to carve out the evidence in a detailed manner.
Carl Wilson, signing off for the day.
Have more queries? Do let us know. For more contact options, please visit: –