Linux Expl0rer
Easy-to-use live forensics toolbox for Linux endpoints with various capabilities such as process inspection, memory analysis, and YARA scanning.
The Volatility Web Interface is a web-based tool that provides a user-friendly interface for the Volatility Memory Forensics Framework, allowing users to analyze memory dumps and perform forensic investigations. To install, download the Volatility source zip from the official GitHub repository, run setup.py install, and install necessary dependencies like bottle, yara, distorm3, and maxminddb using pip. Note that additional steps may be required for Windows installations.
A tool for discovering, analyzing, and remedying sensitive data.
Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.
A forensic research tool for gathering forensic traces on Android and iOS devices, supporting the use of public indicators of compromise.
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.