Digital Forensics
Tools and methodologies for investigating digital incidents and gathering electronic evidence.Explore 216 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 5 toolsCommercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
Tool for parsing Android logs events and protobuf data
Tool for parsing Android logs events and protobuf data
A powerful OSINT tool for creating custom templates for data extraction and analysis
A powerful OSINT tool for creating custom templates for data extraction and analysis
Orochi is a collaborative forensic memory dump analysis framework.
RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.
Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
A tool for triaging crash files with various output formats and debugging engine options.
A tool for triaging crash files with various output formats and debugging engine options.
usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.
usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
Comprehensive suite for advanced file analysis and software supply chain security.
Comprehensive suite for advanced file analysis and software supply chain security.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
ForensicMiner, Redefine DFIR Automations
Online platform for image steganography analysis
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Digital investigation tool for extracting forensic data from computers and managing investigations.
Digital investigation tool for extracting forensic data from computers and managing investigations.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.