WinHex
0 (0)
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
Disk Arbitrator is a Mac OS X forensic utility that provides a user interface to the Disk Arbitration framework, ensuring correct forensic procedures are followed during disk imaging. When enabled, it blocks the mounting of file systems to prevent read-write access, complementing write-blockers with additional features.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.
A library for working with Windows NT data types, providing access and manipulation functions.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Developing APIs to access memory on industrial control system devices.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.