WinSearchDBAnalyzer
WinSearchDBAnalyzer can parse and recover records in Windows.edb, providing detailed insights into various data types.
Skadi is a free, open source collection of tools that enables the collection, processing, and advanced analysis of forensic artifacts and images. It works on macOS, Windows, and Linux machines, scaling effectively on various platforms including laptops, desktops, servers, and the cloud. Skadi can be installed on top of hardened/gold disk images. To get started, download the latest release, available in OVA, Vagrant, and Signed Installer formats. Installation instructions are provided for Docker, Vagrant, OVA, and Signed Installer. Skadi Portal provides easy access to the tools with default credentials: Username: skadi, Password: skadi.
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
Software that collects forensic artifacts on systems for forensic investigations.
Comprehensive suite for advanced file analysis and software supply chain security.
A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.