Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.
DFIR ORC Documentation provides detailed instructions for setting up the build environment and deploying the tool.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Independent software vendor specializing in network security tools and network forensics.
Independent software vendor specializing in network security tools and network forensics.
A sandbox for quickly sandboxing known or unknown families of Android Malware
A sandbox for quickly sandboxing known or unknown families of Android Malware
IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.
IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.
A portable forensic tool that detects encrypted containers like Truecrypt and Veracrypt by analyzing file headers, block cipher patterns, and entropy without external dependencies.
A portable forensic tool that detects encrypted containers like Truecrypt and Veracrypt by analyzing file headers, block cipher patterns, and entropy without external dependencies.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
A container of PCAP captures mapped to the relevant attack tactic
A container of PCAP captures mapped to the relevant attack tactic
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
A framework for accumulating, describing, and classifying actionable Incident Response techniques
A framework for accumulating, describing, and classifying actionable Incident Response techniques
Steghide is a steganography program that hides data in image and audio files.
Steghide is a steganography program that hides data in image and audio files.
Leading open source automated malware analysis system.
Leading open source automated malware analysis system.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects
OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
A multithreaded YARA scanner for incident response or malware zoos.
A multithreaded YARA scanner for incident response or malware zoos.
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
Weekly cybersecurity newsletter for security leaders and professionals
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Digital Forensics and Incident Response Tools - FAQ
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.