Forensic Computer Tools for Hackers and Security Professionals
Computer forensic tools are most commonly used in the security industry to examine networks and applications, gathering evidence to identify indicators of compromise and take appropriate mitigation measures.
Here you will find a list of computer forensic tools covering forensic analysis and incident response across the environment.
Collection of Computer Forensic Tools
- DFIR - The definitive compendium project - Collection of digital forensics resources for learning and research. Offers lists of certifications, books, blogs, challenges and more.
- dfir.training - Forensic resources database focused on events, tools and more.
- ForensicArtifacts.com Artifact Repository
Tools
Distributions
- bitscout - LiveCD / LiveUSB for remote forensic acquisition and analysis.
- deft - Linux distribution for forensic analysis.
- SANS Investigative Forensics Toolkit (sift) - Linux distribution for forensic analysis.
Frameworks
- Laika BOSS - Laika is an object scanner and an intrusion detection system.
- The Sleuth Kit - Tools for low level forensic analysis.
- turbinia - Turbinia is an open source framework for implementing, managing and executing forensic workloads on cloud platforms.
- dff
- IntelMQ
- PowerForensics
Imaging
- dc3dd - Improved version of dd.
- dcfldd - Another improved version of dd (this version has some bugs; another version is on GitHub at adulau/dcfldd).
- FTK Imager
- Guymager
Carving
- bulk_extractor - Extracts information such as email addresses, credit card numbers and disk image histograms.
- photorec - File carving tool.
- bstrings
- floss
See more in the Malware Analysis list.
Memory Forensics
- BlackLight
- DAMM
- evolve
- FindAES
- inVtero.net
- KeeFarce
- Muninn
- Rekall
- TotalRecall
- VolDiff
- Volatility
- VolUtility
- WDBGARK
- WinDbg
See more in the Malware Analysis list.
Network Forensics
- SiLK Tools - SiLK is a suite of tools for network traffic collection and analysis.
- Wireshark - Network traffic analysis tool.
- NetLytics
Windows artifacts
- ArtifactExtractor
- FastIR Collector
- FRED
- LogonTracer
- MFT-Parsers
- MFTExtractor
- NTFS journal parser
- NTFS USN Journal parser
- RecoverBit
- python-ntfs
Mac OS X Forensics
Internet artifacts
Timeline Analysis
Disk Image Management
Password Cracking
- hashcat - Password Cracker.
- John the Ripper - Password Cracker.
CTFs
Books
- Network Forensics: Tracking Hackers through Cyberspace
- The Art of Memory Forensics
- The Practice of Network Security Monitoring