Digital Forensics

Hoarder

0.0

Hoarder is a tool to collect and parse windows artifacts.

LiME

0.0

LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.

nightHawk Response

0.0

Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.

Chainsaw

0.0

Powerful tool for searching and hunting through Windows forensic artefacts with support for Sigma detection rules and custom Chainsaw detection rules.

pcapfex

0.0

A tool for extracting files from packet capture files with ease of use and extensibility for Python developers.

Mac Locations Scraper

0.0

Dump the contents of the location database files on iOS and macOS with output options like KML and CSV.

AccessData FTK Imager

0.0

A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.

RegRipper 3.0

0.0

Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.

exif

0.0

A command-line utility to show and change EXIF information in JPEG files

Forensia

0.0

Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.

Bitscout

0.0

Customizable live OS constructor tool for remote forensics and incident response.

bstrings

0.0

A command-line tool for searching and extracting strings from files with various options like ASCII and Unicode string search.

Mobile Verification Toolkit (MVT)

0.0

A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.

Incident Response & Computer Forensics, Third Edition

0.0

A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

Acquire

0.0

A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.

Volatility Web Interface

0.0

Web interface for the Volatility Memory Forensics Framework

CyLR

0.0

CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.

SPECTR3

0.0

Remote Acquisition Tool

Hayabusa

0.0

Windows event log fast forensics timeline generator and threat hunting tool.

Volatility 3

0.0

A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.

Penguin OS Forensic (or Flight) Recorder (POFR)

0.0

Collects and organizes Linux OS data for detailed analysis and incident response.