
Forensic toolkit

  • Wireshark – The network traffic analysis tool.
  • SiLK Tools – SiLK is a suite of network traffic collection and analysis tools.
  • WinDbg – Live memory inspection and kernel debugging for Windows systems.
  • WDBGARK – WinDBG Anti-RootKit Extension.
  • VolUtility – Web interface for the Volatility memory analysis framework.
  • Volatility – Advanced memory forensics framework.
  • VolDiff – Run Volatility on memory images before and after malware execution, and report changes.
  • TotalRecall – Script based on Volatility for automating various malware analysis tasks.
  • Rekall – Memory analysis framework, forked from Volatility in 2013.
  • Muninn – A script to automate portions of analysis using Volatility, and create a readable report.
  • inVtero.net – High speed memory analysis framework developed in .NET; supports all Windows x64, includes code integrity and write support.
  • FindAES – Find AES encryption keys in memory.
  • evolve – Web interface for the Volatility Memory Forensics Framework.
  • DAMM – Differential Analysis of Malware in Memory, built on Volatility.
  • BlackLight – Windows/macOS forensics client supporting hiberfil, pagefile and raw memory analysis.
  • VolUtility – Web app for the Volatility framework.
  • volatility – The memory forensic framework.
  • KeeFarce – Extract KeePass passwords from memory.
  • floss – Static analysis tool to automatically deobfuscate strings from malware binaries.
  • bulk_extractor – Extracts information such as email addresses, credit card numbers and histograms from disk images.
  • Guymager – Open source disk imaging tool for Linux systems.
  • FTK Imager – Free imaging tool for Windows.
  • dcfldd – Improved version of dd (this version has some bugs; another version is on GitHub at adulau/dcfldd).
  • osquery – SQL powered operating system analytics.
  • mig – Distributed & real time digital forensics at the speed of the cloud.
  • Linux Expl0rer – Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.
  • grr – GRR Rapid Response: remote live forensics for incident response.
  • turbinia – Open-source framework for deploying, managing, and running forensic workloads on cloud platforms.
  • The Sleuth Kit – Tools for low level forensic analysis.
  • PowerForensics – Framework for live disk forensic analysis.
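The FindAES entry above relies on a property worth seeing in code: an AES implementation that keeps its round keys in RAM leaves the whole expanded key schedule contiguous in memory, so a candidate 16/24/32-byte key can be verified by running the FIPS-197 key expansion on it and comparing the result with the bytes that follow. The scanner below is an added example written for this page, not FindAES's own code; the 8 KiB "memory dump" it scans is constructed inline (random filler with two planted schedules and one bare key), and a real dump would be processed by the C tools listed rather than by this Python.

```python
"""Locate AES keys in a memory buffer by matching their expanded key schedules."""
from __future__ import annotations

import random


def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> list[int]:
    """Derive the AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    inv = [0] * 256
    for a in range(1, 256):
        if inv[a]:
            continue
        for b in range(1, 256):
            if _gf_mul(a, b) == 1:
                inv[a], inv[b] = b, a
                break
    sbox = []
    for x in range(256):
        b = s = inv[x]
        for _ in range(4):                      # s = b ^ rotl(b,1) ^ ... ^ rotl(b,4)
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def expand_key(key: bytes) -> bytes:
    """FIPS-197 key expansion for AES-128/192/256; returns all round keys concatenated."""
    nk = len(key) // 4
    if len(key) % 4 or nk not in (4, 6, 8):
        raise ValueError("key must be 16, 24 or 32 bytes")
    nr = nk + 6
    w = [list(key[i:i + 4]) for i in range(0, len(key), 4)]
    for i in range(nk, 4 * (nr + 1)):
        t = list(w[i - 1])
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord followed by SubWord
            t[0] ^= RCON[i // nk - 1]
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]               # extra SubWord step for AES-256
        w.append([w[i - nk][j] ^ t[j] for j in range(4)])
    return bytes(b for word in w for b in word)


def find_aes_keys(mem: bytes, key_sizes=(16, 24, 32)) -> list[tuple[int, bytes]]:
    """Return (offset, key) for every candidate whose full schedule follows it in mem."""
    hits = []
    for ksize in key_sizes:
        sched_len = 16 * (ksize // 4 + 7)        # (nr + 1) round keys of 16 bytes
        for off in range(len(mem) - sched_len + 1):
            cand = mem[off:off + ksize]
            # Cheap prefilter: derive only w[nk] and compare it before paying for
            # a full expansion. All-zero or constant regions fail this immediately.
            last = cand[-4:]
            t = [SBOX[b] for b in last[1:] + last[:1]]
            t[0] ^= RCON[0]
            w_nk = bytes(cand[j] ^ t[j] for j in range(4))
            if mem[off + ksize:off + ksize + 4] != w_nk:
                continue
            if expand_key(cand) == mem[off:off + sched_len]:
                hits.append((off, cand))
    return hits


def build_sample_image() -> tuple[bytes, dict[int, bytes]]:
    """Constructed 8 KiB 'memory dump' (assumption: random filler, two planted schedules)."""
    rng = random.Random(2024)
    mem = bytearray(rng.getrandbits(8) for _ in range(8192))
    planted = {
        1000: bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c"),  # FIPS-197 AES-128 key
        3000: bytes(range(32)),                                   # FIPS-197 AES-256 key
    }
    for off, key in planted.items():
        sched = expand_key(key)
        mem[off:off + len(sched)] = sched
    # A bare key with no schedule behind it must not be reported.
    mem[6000:6016] = planted[1000]
    return bytes(mem), planted


if __name__ == "__main__":
    image, planted = build_sample_image()
    for off, key in find_aes_keys(image):
        print(f"AES-{len(key) * 8} key at offset {off:#x}: {key.hex()}")
```

The prefilter matters in practice: a full expansion at every byte offset of a multi-gigabyte image is prohibitive, whereas checking one derived word rejects almost every offset after a handful of S-box lookups. The same schedule-matching idea is why a copy of the key alone (the bare key planted at offset 6000) is never reported: without the round keys behind it there is nothing to verify against.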
  • Laika BOSS – Laika is an object scanner and intrusion detection system.
  • IntelMQ – IntelMQ collects and processes security feeds.
  • SANS Investigative Forensics Toolkit (sift) – Linux distribution for forensic analysis.
  • deft – Linux distribution for forensic analysis.

  • bitscout – LiveCD/LiveUSB for remote forensic acquisition and analysis.
  • Free computer forensic tools – Comprehensive list of free computer forensic tools.
  • Artifact Repository – Machine-readable knowledge base of forensic artifacts.
  • DFIR.Training – Database of forensic resources focused on events, tools and more.
  • DFIR – The definitive compendium project – Collection of forensic resources for learning and research. Offers lists of certifications, books, blogs, challenges and more.