Network Appliance Forensic Toolkit Logo

Network Appliance Forensic Toolkit

0
Free
Visit Website

The Network Appliance Forensic Toolkit is a set of tools designed to assist in the forensic analysis of network appliances, with capabilities such as using YARA with decoding options like decoder_add1, decoder_rol1, and decoder_xor1, as well as features for extracting frames from memory to PCAP files.

FEATURES

ALTERNATIVES

A framework/scripting tool to standardize and simplify the process of scripting favorite Live Acquisition utilities for Incident Responders.

A modified version of GNU dd with added features like hashing and fast disk wiping.

usbdeath is an anti-forensic tool that manipulates udev rules for known USB devices and performs actions on unknown USB device insertion or specific USB device removal.

Forensics tool for exploring offline Docker filesystems.

A command-line utility and Python package for mounting and unmounting various disk image formats with support for different volume systems and filesystems.

A tool for triaging crash files with various output formats and debugging engine options.

A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.

Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.