Digital Forensics
Tools and methodologies for investigating digital incidents and gathering electronic evidence. Explore 224 curated tools and resources.
LATEST ADDITIONS
Red Hand Analyzer is an online tool that provides automated behavioral analysis of PCAP files to detect malicious network activities and security vulnerabilities without decrypting traffic content.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
A forensic analysis tool that extracts and parses logs, notifications, and system information from iOS/iPadOS devices and backups.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
A binary analysis platform for analyzing binary programs
A powerful reverse engineering framework
A reverse engineering framework with a focus on usability and code cleanliness
A tool for discovering, analyzing, and remedying sensitive data
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A next-generation crawling and spidering framework for extracting data from websites
A reconnaissance tool for GitHub organizations
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.
A tool for analyzing pentest screenshots using a convolutional neural network
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
A C-based steganographic tool that hides files within WAV audio files using least significant bit encoding techniques.
A framework for orchestrating forensic collection, processing, and data export.
A Python module for orchestrating remote forensic data acquisition and analysis from Linux instances using Amazon SSM.
A modified version of GNU dd with added features like hashing and fast disk wiping.
A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.
An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.