Browse 398 digital forensics tools
mac_apt is a versatile DFIR tool for processing Mac and iOS images, offering extensive artifact extraction capabilities and cross-platform support.
Belkasoft offers cybersecurity solutions, training, and tools for businesses, law enforcement, and academia.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
A tool for parsing and extracting information from the Master File Table of NTFS file systems.
Incident response framework focused on remote live forensics.
A repository to aid Windows threat hunters in looking for common artifacts.
A PowerShell-based DFIR automation tool that streamlines artifact and evidence collection from Windows machines for digital forensic investigations.
A comprehensive guide to digital forensics and incident response, covering incident response frameworks, digital forensic techniques, and threat intelligence.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Digital investigation tool for extracting forensic data from computers and managing investigations.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
A community-sourced repository of digital forensic artifacts in YAML format.
A Docker-based steganography analysis toolkit containing pre-installed tools and automated scripts for detecting and extracting hidden data from files, primarily designed for CTF challenges.
A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.
Turbinia is an open-source framework for automating the running of common forensic processing tools to help with processing evidence in the Cloud.
Binwalk is a firmware analysis tool that enables reverse engineering and extraction of embedded file systems and archives from firmware images.
A command-line forensics tool for tracking and analyzing USB device artifacts and connection history on Linux systems.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
Advanced computer forensics software with efficient features.