Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 17,376+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
Online platform for image steganography analysis
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Digital investigation tool for extracting forensic data from computers and managing investigations.
Digital investigation tool for extracting forensic data from computers and managing investigations.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
A community-sourced repository of digital forensic artifacts in YAML format.
A community-sourced repository of digital forensic artifacts in YAML format.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
A Docker-based steganography analysis toolkit containing pre-installed tools and automated scripts for detecting and extracting hidden data from files, primarily designed for CTF challenges.
A Docker-based steganography analysis toolkit containing pre-installed tools and automated scripts for detecting and extracting hidden data from files, primarily designed for CTF challenges.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
CapTipper is a python tool to analyze, explore, and revive HTTP malicious traffic.
Recoverjpeg is a tool for recovering JPEG images from damaged storage media.
Recoverjpeg is a tool for recovering JPEG images from damaged storage media.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.
ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.
Collects Yara rules from over 150 free resources, a free alternative to Valhalla.
Collects Yara rules from over 150 free resources, a free alternative to Valhalla.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.
A powerful tool for detecting and identifying malware using a rule-based system.
A powerful tool for detecting and identifying malware using a rule-based system.
Digital Forensics and Incident Response Tools - FAQ
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
