Digital Forensics
Explore 205 curated cybersecurity tools, with 14,287+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.
A command-line utility for extracting human-readable text from binary files.
A command-line utility for extracting human-readable text from binary files.
A tool that generates YARA rules to search for specific terms within base64-encoded malware samples by enumerating all possible encoding variations.
A tool that generates YARA rules to search for specific terms within base64-encoded malware samples by enumerating all possible encoding variations.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
A software utility with forensic tools for smartphones, offering powerful data extraction and decoding capabilities.
A portable forensic tool that detects encrypted containers like Truecrypt and Veracrypt by analyzing file headers, block cipher patterns, and entropy without external dependencies.
A portable forensic tool that detects encrypted containers like Truecrypt and Veracrypt by analyzing file headers, block cipher patterns, and entropy without external dependencies.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides comprehensive protection for businesses, service providers, and individuals.
Acronis Cyber Protect is an integrated cybersecurity and data protection platform that provides comprehensive protection for businesses, service providers, and individuals.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
An open source tool that generates YARA rules from installed software on running operating systems for efficient software identification in digital forensic investigations.
An open source tool that generates YARA rules from installed software on running operating systems for efficient software identification in digital forensic investigations.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.
MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.
MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.
Docker Explorer is a forensic tool that enables investigators to explore and analyze offline Docker container filesystems by reconstructing layered filesystem structures.
Docker Explorer is a forensic tool that enables investigators to explore and analyze offline Docker container filesystems by reconstructing layered filesystem structures.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
A collection of Mac OS X and iOS forensics resources with a focus on artifact collection and collaboration.
A collection of Mac OS X and iOS forensics resources with a focus on artifact collection and collaboration.
Halogen automates the creation of YARA rules based on image files embedded in malicious documents to assist in threat detection and identification.
Halogen automates the creation of YARA rules based on image files embedded in malicious documents to assist in threat detection and identification.
