Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
StegSolve is a steganography analysis tool with image analysis features.
StegSolve is a steganography analysis tool with image analysis features.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
Analyse a forensic target to find and report files found and not found in hashlookup CIRCL public service.
A library to access and parse Windows Shortcut File (LNK) format.
A library to access and parse Windows Shortcut File (LNK) format.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.
Incident response and case management solution for efficient incident response and management.
Incident response and case management solution for efficient incident response and management.
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
Network Forensic Analysis Tool for deep network traffic inspection and analysis.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.
A program to manage yara ruleset in a database with support for different databases and configuration options.
A program to manage yara ruleset in a database with support for different databases and configuration options.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
Web-based tool for incident response with easy local installation using Docker.
Web-based tool for incident response with easy local installation using Docker.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
Automatic YARA rule generation for malware repositories.
Automatic YARA rule generation for malware repositories.
Automatic YARA rule generator based on Koodous reports with limited false positives.
Automatic YARA rule generator based on Koodous reports with limited false positives.
A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.
A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A Forensic Framework for Skype with various investigative options.
A Forensic Framework for Skype with various investigative options.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A scalable python framework for security research and development teams.
A scalable python framework for security research and development teams.
Digital Forensics and Incident Response Tools - FAQ
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
