jpeginfo
A command-line tool for extracting detailed information from JPEG files, including image dimensions, compression, and metadata.
The CDQR tool uses Plaso to parse forensic artifacts and/or disk images with specific parsers, creating easy-to-analyze custom reports that group similar items together, following the Live Response Model for investigations. It generates up to 18 reports based on triaging best practices and parsing options, making it a valuable starting point for forensic analysis.
A command-line tool for extracting detailed information from JPEG files, including image dimensions, compression, and metadata.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Anti-forensics tool for Red Teamers to erase footprints and test incident response capabilities.
Python tool for remote memory acquisition
A Python tool for in-depth PDF analysis and modification.
A library to access the Expert Witness Compression Format (EWF) for digital forensics and incident response.