Forensic tool for disk analysis and file recovery supporting broad image formats, physical disks, DFXML reporting, plugin extensibility, and efficient CLI operation.






Parrot is a GNU/Linux distribution based on Debian Testing and designed with Security, Development, and Privacy in mind.




CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. Runs client-side in your browser via the website or as a downloadable HTML file.

Visualizes complex relationships using link analysis graphs for open-source intelligence and forensics, supporting data collection, mapping, and investigations.



Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports. It ensures your device's security by automatically initiating either a system shutdown or hibernation if an unauthorized device connects or a connected device is unplugged.

VideoCleaner is described as "World's most relied upon forensic video enhancement and tamper detection software." It makes use of VirtualDub, and provides an alternative, simplified way of performing common video cleaning tasks.
Document Colour Tracking Dots, or yellow dots, are small systematic dots which encode information about the printer and/or the printout itself. This process is integrated in almost every commercial colour laser printer.
Rekall is the most complete Memory Analysis framework. Rekall provides an end-to-end solution to incident responders and forensic analysts. From state of the art acquisition tools, to the most advanced open source memory analysis framework.
Magnet Acquire lets digital forensic examiners quickly and easily acquire forensic images of any iOS or Android device, hard drive, and removable media — and is available at no cost to the forensic community.
Hibernation Recon has been developed to support memory reconstruction from Windows hibernation files. It can identify and extract massive volumes of information from the multiple types (and levels) of slack space that often exist within them.



TheHive is a scalable 3-in-1 Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.



VMRay Analyzer is an agentless malware detection and malware analysis sandbox that uses a hypervisor-based approach to determine whether files are malicious.
REMnux™ is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be...
SafeRestore is an AI-powered data recovery and digital privacy platform that combines real file retrieval capabilities with intelligent recovery guidance and metadata analysis tools.



DEFT (Digital Evidence & Forensic Toolkit) is a customised distribution of the Ubuntu live Linux CD. It is an easy-to-use system that includes excellent hardware detection and some of the best open-source applications dedicated to incident response and computer forensics.




Forensic Notes - Digital documents are easy to fabricate, lose or get hacked. Take your digital documentation into the 21st century with Forensic Notes. Secure. Private. Credible.
Court-verifiable documentation - Replicates paper notebooks.




IRIS is a collaborative platform for incident response analysts that helps to share investigations at a technical level. It's a web application that can be installed on a fixed server or on a laptop for roaming investigations where internet might not be available.




Drive Badger is a software tool for data exfiltration – which means, for copying data from the computer to an external USB drive. But unlike many other tools from the IT security area, Drive Badger is not a Proof-of-Concept kind of tool, bringing some groundbreaking techniques.

Timesketch is an open-source tool for collaborative forensic timeline analysis. Using sketches you and your collaborators can easily organize your timelines and analyze them all at the same time. Add meaning to your raw data with rich annotations, comments, tags and stars.




Forensic imaging software solution to perform triage, live data acquisition and targeted data collection for Windows and Mac computers.


Ensuring that evidence collected at a crime scene is protected, stored, and presented accurately is crucial.




RECON ITR brings both Bootable and Live imaging options into one. An indispensable tool for anyone who needs to image and capture data from all Intel macOS computers.


