strings
A command-line utility for extracting human-readable text from binary files.
This book provides a comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response, including preparation, data collection, data analysis, and remediation. It includes real-world case studies and practical techniques for investigating and remediating data breaches. The book covers topics such as architecting an infrastructure for methodical investigation and remediation, developing leads and identifying indicators of compromise, collecting and preserving live data, performing forensic duplication, analyzing data from networks and applications, investigating Windows and Mac OS X systems, performing malware triage, writing detailed incident response reports, and creating comprehensive remediation plans.
An open source format for storing digital evidence and data, with a C/C++ library for creating, reading, and manipulating AFF4 images.
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.