Digital Forensics and Incident Response
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
Explore 494 curated cybersecurity tools, with 17,495+ visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A bash script for automating Linux swap analysis for post-exploitation or forensics purposes.
A .Net wrapper library for the native Yara library with interoperability and portability features.
A .Net wrapper library for the native Yara library with interoperability and portability features.
SwishDbgExt is a Microsoft WinDbg debugging extension that enhances debugging capabilities for kernel developers, troubleshooters, and security experts.
SwishDbgExt is a Microsoft WinDbg debugging extension that enhances debugging capabilities for kernel developers, troubleshooters, and security experts.
Automated collection tool for incident response triage in Windows systems.
Automated collection tool for incident response triage in Windows systems.
A versatile steganography tool with various installation options and detailed usage instructions.
A versatile steganography tool with various installation options and detailed usage instructions.
A collection of binary tools for various purposes including linking, assembling, profiling, and more.
A collection of binary tools for various purposes including linking, assembling, profiling, and more.
Explores malware interaction with Windows API and methods for detection and prevention.
Explores malware interaction with Windows API and methods for detection and prevention.
A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.
A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.
A standardized framework for describing and classifying cybersecurity incidents
A standardized framework for describing and classifying cybersecurity incidents
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Forensic imaging program with full hash authentication and various acquisition options.
Forensic imaging program with full hash authentication and various acquisition options.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
Binkit is a binary analysis tool that merged with DarunGrim and incorporates its analysis algorithms, currently in internal testing before official release.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
BinaryAlert is an open-source serverless AWS pipeline that automatically scans files uploaded to S3 buckets with YARA rules and generates immediate alerts when malware is detected.
BinaryAlert is an open-source serverless AWS pipeline that automatically scans files uploaded to S3 buckets with YARA rules and generates immediate alerts when malware is detected.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
A Python-based forensic tool for extracting and analyzing browser artifacts from Firefox, Iceweasel, and Seamonkey browsers on Unix and Windows systems.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.
Parse YARA rules into a dictionary representation.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
Dump iOS Frequent Locations from StateModel#.archive files.
Dump iOS Frequent Locations from StateModel#.archive files.
Digital Forensics and Incident Response Tools - FAQ
Common questions about Digital Forensics and Incident Response tools including selection guides, pricing, and comparisons.
Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.
