Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Browse 548 digital forensics and incident response tools
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
Automatic YARA rule generation for malware repositories.
Automatic YARA rule generator based on Koodous reports with limited false positives.
A tool for recovering files by scanning block devices and extracting them based on 'magic bytes' in file contents.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
A multiplatform C++ library for capturing, parsing, and crafting network packets with support for various network protocols.
A tool that enables YARA rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A Forensic Framework for Skype with various investigative options.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A scalable Python framework for security research and development teams.
iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.
A collection of YARA rules designed to identify files containing sensitive information such as usernames, passwords, and credit card numbers for penetration testing and forensic analysis.
AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.
A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.
A free, open source collection of tools for forensic artifact and image analysis.
Collection of YARA rules for file identification and classification.
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.
A service that analyzes and visualizes security data to investigate potential security issues.
A YARA interactive debugger for the YARA language written in Rust, providing features like function calls, constant evaluation, and string matching.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A user-friendly and fast Forensic Analysis tool with features like tagging files and generating preview reports.