Radare2

Free
Radare2 is a complete rewrite of radare. It provides a set of libraries, tools, and plugins to ease reverse engineering tasks. It can edit files on local hard drives, view kernel memory, and debug programs locally or via remote gdb/windbg servers. r2 can analyze, emulate, debug, modify, and disassemble any binary.

ALTERNATIVES

A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.

A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.

A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.

A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

Python script to parse the NTFS USN Change Journal.

Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.

Python tool for remote memory acquisition.