Unhide
A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers, supporting various types of data such as URLs, download history, cache records, bookmarks, saved passwords, and more, presenting the extracted data in a timeline for forensic analysis. It offers a simple web UI accessible through 'hindsight_gui.py' or 'hindsight_gui.exe' on Windows, allowing users to specify the Chrome profile path for analysis and save results in different formats.
A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
An open source digital forensic tool for processing and analyzing digital evidence with high performance and multiplatform support.
Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.