
Top picks: SafenSoft SoftControl Change Monitoring, Binwalk, smartmontools — plus 45 more compared.
JSDetox is a free tool. Security professionals most commonly compare it with . All 48 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to JSDetox, including their key features and shared capabilities.
FIM and config change monitoring tool with baseline deviation detection.
Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.
A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.
OCyara performs OCR on images and PDF files to extract text content and scan it against YARA rules for malware detection.
A read-only FUSE driver that enables Linux systems to mount and access Apple File System (APFS) volumes, including encrypted and fusion drives.
A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.
edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.
LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
A YARA ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications.
A GNU Emacs editor mode that provides syntax highlighting, indentation, and language server integration for editing YARA rule files.
FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.
OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
POFR is a Linux forensic data collection system that captures process execution, file access, and network activity for incident response and compliance analysis.
A Python 3 tool for analyzing XOR-encrypted data that can guess key lengths and decrypt XOR ciphers based on character frequency analysis.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
AMExtractor is an Android memory acquisition tool that dumps physical device memory using /dev/kmem without requiring kernel source code.
Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.
A portable Rust-based tool for acquiring volatile memory from Linux systems without requiring prior knowledge of the target OS distribution or kernel.
Drltrace is a dynamic API calls tracer for Windows and Linux applications.
A decentralized network panic button that triggers emergency system shutdowns across networked machines via UDP broadcasts and HTTP to prevent cold boot attacks.
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
A modern tool for Windows kernel exploration and observability with a focus on security.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A command-line forensics tool for tracking and analyzing USB device artifacts and connection history on Linux systems.
SIFT is a digital forensics toolkit that provides installation management, task execution, and machine image building capabilities for forensic investigations on Ubuntu systems.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Margarita Shotgun is a Python tool that enables remote memory acquisition from target systems through command line interface, supporting Linux distributions and other operating systems via Docker containers.
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
A utility for recovering deleted files from ext3 or ext4 partitions.
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
Free tools for the CrowdStrike customer community to support their use of the Falcon platform.
A tool for analyzing TCP packet traces with color support.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
Common questions security professionals ask when evaluating alternatives and competitors to JSDetox.
The most popular alternatives to JSDetox include SafenSoft SoftControl Change Monitoring, Binwalk, smartmontools, OCyara, and APFS FUSE Driver for Linux. These Digital Forensics and Incident Response tools offer similar capabilities and are frequently compared by security professionals evaluating their options.