PassMark OSForensics
PassMark OSForensics is a digital investigation tool that allows users to extract forensic data from computers quickly and easily, uncovering hidden information inside a PC. It enables users to discover relevant data faster through high-performance file searching and indexing, extract passwords, decrypt files, and recover deleted files from various operating systems. Additionally, it helps in identifying evidence and suspicious activity through hash matching and drive signature analysis features, as well as automatically creating a timeline of user activity. With its 360° Case Management Solution, users can manage their entire digital investigation, build custom reports, and attach reports from other tools. OSForensics also offers a collection of tools like OSFMount and OSFClone for mounting disk images and creating/cloning raw disk images, respectively.
FEATURES
SIMILAR TOOLS
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A library for accessing and parsing Microsoft Internet Explorer cache files (index.dat) to extract URLs, timestamps, and cached content for digital forensic analysis.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.