Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 17,376+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A library for working with Windows NT data types, providing access and manipulation functions.
A library for working with Windows NT data types, providing access and manipulation functions.
Open source digital forensics tools for analyzing disk images and recovering files.
Open source digital forensics tools for analyzing disk images and recovering files.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
Binary analysis and management framework for organizing malware and exploit samples.
Binary analysis and management framework for organizing malware and exploit samples.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
An extensible network forensic analysis framework with deep packet analysis and plugin support.
OSXCollector is a forensic evidence collection & analysis toolkit for OSX.
OSXCollector is a forensic evidence collection & analysis toolkit for OSX.
A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.
A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.
Incident Response Documentation tool for tracking findings and tasks.
Incident Response Documentation tool for tracking findings and tasks.
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
Browse and analyze iPhone/iPad backups with detailed file properties and various viewers.
Detect signed malware and track stolen code-signing certificates using osquery.
Detect signed malware and track stolen code-signing certificates using osquery.
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
libevt is a library to access and parse Windows Event Log (EVT) files.
libevt is a library to access and parse Windows Event Log (EVT) files.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from dll files
A tool for processing compiled YARA rules in IDA.
A tool for processing compiled YARA rules in IDA.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
A proof of concept for using the SSM Agent in Fargate for incident response
A proof of concept for using the SSM Agent in Fargate for incident response
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
A PHP based web application for managing postmortems with pluggable features.
A PHP based web application for managing postmortems with pluggable features.
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
An extended traceroute tool for CSIRT operators with advanced features.
An extended traceroute tool for CSIRT operators with advanced features.
Digital Forensics and Incident Response Tools - FAQ
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
