Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 14,237+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
AI-powered platform for cyber incident response and crisis management
AI-powered platform for cyber incident response and crisis management
Automated Security Control Assessment platform for SOC optimization
Automated Security Control Assessment platform for SOC optimization
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.
An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.
A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.
A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.
CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
A binary analysis platform for analyzing binary programs
A binary analysis platform for analyzing binary programs
A powerful reverse engineering framework
A reverse engineering framework with a focus on usability and code cleanliness
A reverse engineering framework with a focus on usability and code cleanliness
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A tool that recovers passwords from pixelized screenshots
A tool that recovers passwords from pixelized screenshots
A simple tool to take screenshots of HTTPS websites
A simple tool to take screenshots of HTTPS websites
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
A comprehensive malware-analysis tool that utilizes external AV scanners to identify malicious elements in binary files.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
A collection of YARA rules for Windows, Linux, and Other threats.
A collection of YARA rules for Windows, Linux, and Other threats.
Interactive malware hunting service with live access to the heart of an incident.
Interactive malware hunting service with live access to the heart of an incident.
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
TRENDING CATEGORIES
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.