Forensic Tools

| Tool | Description |
|---|---|
| Binwalk | It is a tool for searching a given binary image for embedded files and executable code. |
| bulk-extractor | It extracts information such as e-mail addresses, credit card numbers, URLs, and other types of details from digital evidence files without parsing file systems. |
| Capstone | It is a framework used for binary analysis and reversing. It supports multiple hardware architectures and provides semantics of the disassembled instruction. |
| chntpw | It is used to view information and change user passwords in a Windows NT/2000 user database file. |
| Cuckoo | It is a malware analysis system that can provide you with details of the suspicious files you ask it about. |
| dc3dd | It is a patched version of GNU dd with added features for computer forensics. |
| ddrescue | It duplicates data from one file or block device to another specified file or block. |
| DFF | DFF stands for Digital Forensic Framework. It is used to quickly and easily collect, preserve, and reveal digital evidence without compromising systems and data. |
| diStorm3 | It is a lightweight, easy-to-use, and fast decomposer library that can disassemble, for example, a staged reverse shell generated by msfpayload. |
| Dumpzilla | Dumpzilla is a tool that extracts all forensically relevant information from Firefox, Iceweasel, and Seamonkey browsers for analysis. |
| extundelete | This tool is used to recover deleted files from an ext3/ext4 file system partition. |
| Foremost | It is a forensic tool to recover lost files based on their headers, footers, and internal data structures. |
| Galleta | It is a forensic tool that examines the content of cookies produced by Internet Explorer. |
| Guymager | It is a free forensic imager for media access. It generates flat, EWF, and AFF images and supports disk cloning. |
| iPhone Backup Analyzer | It is a backup utility designed to browse easily through the backup folder of an iPhone. |
| p0f | It is a traffic fingerprinting mechanism to identify the process behind any incidental TCP/IP communications without disturbing the process in any way. |
| Pdf-parser | It is used to parse a PDF document to identify the fundamental elements used in the analysed file. |
| pdfid | It scans a file to look for certain PDF keywords, allowing you to identify PDF documents that contain JavaScript. |
| pdgmail | It extracts Gmail artefacts from a pd process memory dump. |
| peepdf | It is a PDF analysis tool for exploring PDF files in order to find out whether a file can be harmful or not. |
| RegRipper | It extracts information from the Windows registry and presents it for analysis. |
| Volatility | It is a memory forensic analysis platform that extracts digital artefacts from RAM samples. |
| Xplico | It is a network forensic analysis tool that extracts application data from internet traffic. |




