Browse 398 digital forensics tools
A honeypot system that simulates RDP services on port 3389, automatically assigns virtual machines to incoming connections, and captures comprehensive forensic data including packet captures and disk images.
pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.
Andrew Case's personal page for research, software projects, and speaking events
A digital forensics tool that extracts and exports location database contents from iOS and macOS devices in KML or CSV formats.
Zui is a desktop application for data exploration and analysis that provides drag-and-drop data ingestion, automatic format detection, and interactive querying capabilities for structured and semi-structured data.
A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.
Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Bitscout is a Bash-based live OS constructor tool for building customizable forensic environments used in remote system triage, malware hunting, and digital forensics investigations.
A command-line string extraction utility for digital forensics that supports ASCII and Unicode string extraction from files and directories with pattern matching and filtering capabilities.
A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.
A forensic toolkit for analyzing Android and iOS devices to detect potential spyware infections and security compromises using indicators of compromise.
Root the Box is a real-time CTF scoring engine that provides a configurable platform for cybersecurity training through gamified wargames and competitions.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A pure Python parser for Windows Event Log (.evtx) files that enables cross-platform forensic analysis of Windows system events.
A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.
Web interface for the Volatility Memory Forensics Framework
A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
A command-line tool that allows SQL queries to be executed directly on PCAP files for network traffic analysis with support for multiple output formats.
Windows event log fast forensics timeline generator and threat hunting tool.
An Android-based self-defense application against forensic imaging tools like Cellebrite UFED.
A static analysis framework for extracting key characteristics from various file formats