Forensic ToolkitsRSS

Forensic Toolkits

Brian Carrier
FREEWARE
Pricing Model

The @stake Sleuth Kit (TASK) allows an investigator examine the file systems of a suspect computer in a non-intrusive fashion. TASK is a collection of UNIX-based command line tools that can analyze NTFS, FAT, FFS, EXT2FS, and EXT3FS file systems. TASK rea ...

Modified
Guidance Software, Inc.
Commercial
Pricing Model

With an intuitive, yet flexible GUI, and unmatched performance, EnCase Version 4 provides investigators with the tools to conduct large-scale and complex investigation with accuracy and efficiency. Our award winning solution yields completely non-invasive ...

Modified

DEFT Linux 6 is based on the new Kernel 2.6.35 (Linux side) and the DEFT Extra 3.0 (Computer Forensic GUI) with the best freeware Windows Computer Forensic tools. DEFT it’s a new concept of Computer Forensic live system that use LXDE as desktop environmen ...

ModifiedNever
AccessData Group LLC
Commercial
Pricing Model

Forensic Toolkit® (FTK®) is recognized around the world as the standard in computer forensics software. This court-validated digital investigations platform delivers cutting-edge computer forensic analysis, decryption and password cracking all within an i ...

Modified
Dan Farmer and Wietse Venema
OPEN SOURCE
Pricing Model

TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after break-in. The software was presented first in a Computer Forensics Analysis class in August 1999 (handouts can be found here). Examples of us ...

Modified
Dave Bullock
Freeware
Pricing Model

snarl is a bootable forensics ISO based on FreeBSD and using @stake's autopsy and task as well as scmoo's list of known good checksums. Once you boot the iso just log in as root there is no password. You will boot into a dialog driven menu. select the fir ...

Modified
droopy and ranger-x
Open Source
Pricing Model

PLAC is a business card sized bootable cdrom running linux. It has network auditing, disk recovery, and forensic analysis tools. ISO will be avialable and scripts to roll you own cd.

Modified
George M. Garner Jr
GPL
Pricing Model

This is a collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in this collection are intended to permit the investigator to sterilize media for forensi ...

Modified
Klaus Knopper
GPL
Pricing Model

KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue syste ...

Modified
Commercial
Pricing Model

SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with th ...

Modified
Commercial
Pricing Model

ocked out? Get back in. Password Recovery Toolkit gives you the ability to recover passwords from well-known applications. PRTK is perfect for law enforcement and corporate security professionals. If you need access to locked files or if your users have s ...

Modified
The SANS Institute

The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidenc ...

ModifiedNever

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules ...

Modified

PTK forensics is a computer forensic framework for the command line tools in the SleuthKit plus much more software modules. This makes it usable and easy to investigate a system. PTK forensics is an alternative advanced framework for the TSK suite (The Sl ...

ModifiedNever
National Institute of Justice, FBI, other law enforcement agencies

Cyberinvestigation Law Enforcement Wizard (CLEW), enhances the capability of law enforcement to gather and analyze digital evidence in such cases. It is an application that can be downloaded to a portable USB thumb drive and uploaded to computers at crime ...

ModifiedNever
Microsoft Corporation

Microsoft has created Computer Online Forensic Evidence Extractor (COFEE), designed exclusively for use by law enforcement agencies. COFEE brings together a number of common digital forensics capabilities into a fast, easy-to-use, automated tool for first ...

ModifiedNever
Commercial
Pricing Model

Cellebrite's UFED Series consists of the mobile forensic tools for data scrutiny, invaluable for any investigation. Cellebrite presents a range of applications purpose-designed for the critical examination of mobile device data. UFED Physical AnalyzerUFE ...

Modified
Commercial
Pricing Model

iVe is a vehicle system forensic tool that acquires user data from vehicles and allows forensic examiners and investigators a means to quickly and intuitively analyze it. Vehicle Infotainment systems store a vast amount of user related data such as recen ...

Modified
iVE - Vehicle Forensics
Elcomsoft Co. Ltd
Commercial
Pricing Model

Perform the complete forensic acquisition of user data stored in iPhone/iPad/iPod devices running any version of iOS. Elcomsoft iOS Forensic Toolkit allows eligible customers acquiring bit-to-bit images of devices’ file systems, extracting device secrets ...

Modified
iOS Forensic Toolkit
The ARC Group
Commercial
Pricing Model

The ARC Group’s next-generation solution to cyber crime is backed by industry-leader, ProDiscover. ProDiscover Forensic is a computer security tool that enables computer professionals to locate all of the data on a computer disk and at the same time prot ...

Modified
ProDiscover Forensic Edition

© Computer Network Defence Limited 2021