ShadowCopy Analyzer
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.
OS X Auditor is a free Mac OS X computer forensics tool that parses and hashes various artifacts on the system, including kernel extensions, system agents, users' files, installed applications, Safari and browser history, social and email accounts, WiFi access points, and more. It also checks for suspicious keywords in .plist files, verifies file reputation with Team Cymru's MHR, VirusTotal, and local databases, and aggregates logs into a zipball.
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.
A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.
A command-line utility for extracting human-readable text from binary files.
A Windows Registry hive extraction library that reads and writes Windows Registry 'hive' binary files.
wxHexEditor is a free hex editor / disk editor with various data manipulation operations and visualization functionalities.
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.