The artifactcollector project provides software that collects forensic artifacts on systems. These artifacts can be used in forensic investigations to understand attacker behavior on compromised computers.

Features:
* Runs on Windows, Linux, and macOS
* Can extract files, directories, registry entries, command and WMI output
* Uses configurable and extensible Forensics Artifacts
* Creates a forensicstore as structured output
* It's open source and free for everyone (including commercial use)

Installation:
* Download from https://github.com/forensicanalysis/artifactcollector/releases or clone the repository and install using `go install .`

Get artifacts & process forensicstores:
* Extract raw artifacts or process collected data using elementary.
A modified version of GNU dd with added features like hashing and fast disk wiping.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
A Python-based engine for automatic creation of timelines in digital forensic analysis.
A command-line tool for extracting detailed information from JPEG files, including image dimensions, compression, and metadata.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.