Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Browse 548 digital forensics and incident response tools
Drltrace is a dynamic API calls tracer for Windows and Linux applications.
Java decompiler for modern Java features up to Java 14.
A utility for splitting packet traces along TCP connection boundaries.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
Incident response framework focused on remote live forensics
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
A semi-automatic tool to generate YARA rules from virus samples.
MetaDefender Cloud offers advanced threat prevention using technologies like Multiscanning, Deep CDR, and Sandbox.
Steghide is a steganography program for hiding data in image and audio files.
A YARA ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
Online platform for image steganography analysis
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Digital investigation tool for extracting forensic data from computers and managing investigations.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
A community-sourced repository of digital forensic artifacts in YAML format.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Agentless cloud security platform for risk detection & prevention
Fractional CISO services for B2B companies to build security programs
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance