CDQR - Cold Disk Quick Response

Free

The CDQR tool uses Plaso to parse forensic artifacts and/or disk images with specific parsers, creating easy-to-analyze custom reports that group similar items together, following the Live Response Model for investigations. It generates up to 18 reports based on triaging best practices and parsing options, making it a valuable starting point for forensic analysis.

ALTERNATIVES

Truehunter is a tool designed to detect encrypted containers, with a focus on TrueCrypt and VeraCrypt, using a fast and memory-efficient approach.

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

Generate comprehensive reports about Windows systems with detailed system, security, networking, and USB information.

Forensics tool for exploring offline Docker filesystems.

Custom-built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and a new UI rewrite in React.

A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.

Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
