Digital Forensics
Tools and methodologies for investigating digital incidents and gathering electronic evidence.Explore 212 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.
Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
A tool for triaging crash files with various output formats and debugging engine options.
A tool for triaging crash files with various output formats and debugging engine options.
usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.
usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
GUI-based memory forensic capture tool for cyber forensics and cyber crime investigation.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
Comprehensive suite for advanced file analysis and software supply chain security.
Comprehensive suite for advanced file analysis and software supply chain security.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.
Fridump is an open source memory dumping tool using the Frida framework for dumping memory addresses from various platforms.