dcfldd is a modified version of GNU dd with added features such as hashing, fast disk wiping, and status output. Originally created by Nicholas Harbour from the DoD Computer Forensics Laboratory (DCFL), it is now maintained by him independently. The latest version can be found on GitHub at https://github.com/adulau/dcfldd/, which includes Debian patches and additional patches from Alexandre Dulaunoy.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.