Michele M Jordan

New Technologies Armor, Inc

NTI's forensic software tools are used in security reviews, internal audits and computer related investigations. Some of the tools are also used to identify and eliminate sensitive data leakage in classified government agencies. They are sold separately a ...

Category Forensic Tools
sysinternals/Mark Russinovich

The tools included in the PsTools suite, which are downloadable individually or as a package, are: PsExec - execute processes remotely, PsFile - shows files opened remotely, PsGetSid - display the SID of a computer or a user, PsKill - kill processes by na ...

Category Forensic Tools
Craig Wilson

NetAnalysis will automatically rebuild HTML web pages from an extracted cache, automatically adding the correct location of the graphics allowing you to view the page as the suspect did. NetAnalysis also allows you to easily view JPEG and other pictures t ...

Category Forensic Tools
Pangeia Informatica

chkrootkit: shell script that checks system binaries for rootkit modification. 45 rootkits, worms and LKMs are currently detected. The following tests are made: aliens asp bindshell lkm rexedcs sniffer wted scalper slapper z2 amd basename biff chfn chsh ...

Category Forensic Tools
Special Agent Jesse Kornblum

Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or ...

Category Forensic Tools
Special Agent Jesse Kornblum

md5deep is a set of programs to compute MD5, SHA-1, SHA-256, Tiger, or Whirlpool message digests on an arbitrary number of files. md5deep is similar to the md5sum program found in the GNU Coreutils package, but has the following additional features: Re ...

Category Forensic Tools
Arne Vidstrom

PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process. This can be useful in a forensic investigation.

Category Forensic Tools
Kroll Ontrack Ltd

Ontrack PowerControls recovers individual mailboxes, messages and attachments without needing to restore the entire backup. Use the powerful search capability to rapidly find the items you need for eDiscovery and compliance. Versions for Exchange, ShareP ...

Category Forensic Tools
Ontrack PowerControls
Free Software Foundation, Inc

GNU Parted is a program for creating, destroying, resizing, checking and copying partitions, and the file systems on them. This is useful for creating space for new operating systems, reorganising disk usage, copying data between hard disks and disk imagi ...

Category Forensic Tools
Brian Carrier

mac-robber is a digital investigation tool that collects data from allocated files in a mounted file system. This is useful during incident response when analyzing a live system or when analyzing a dead system in a lab. The data can be used by the mactime ...

Category Forensic Tools

WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, ...

Category Forensic Tools
WinHex

IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation (assembly language). Advanced techniques have been implemented into IDA Pro s ...

Category Forensic Tools
IDA Pro Disassembler
Oleh Yuschuk

OllyDbg is a 32-bit assembler level analysing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is shareware, but you can download and use it for free. Special hig ...

Category Forensic Tools

Safend Protector prevents internal/external data leakage by monitoring endpoint devices and data flow. Using granular and customizable security policies and rules, Protector automatically detects, permits and restricts files and encrypts media devices. Ve ...

Safend Protector

AppSense Environment Manager provides consistent and contextual user environments across multiple application delivery mechanisms. With AppSense Environment Manager, IT can manage user profiles with minimal maintenance as well as provide users with some l ...

Ivanti Environment Manager
BeCrypt Limited

Becrypt have worked closely with the UK National Cyber Security Centre (NCSC) to support the enhanced security characteristics of NCSC’s Advanced Mobile Solutions program, resulting in the first MDM platform that can support dynamic Deep Packet Inspection ...

MDM+

Intercept X Endpoint Features. Endpoint Detection and Response (EDR): Automatically detect and prioritize potential threats and quickly see where to focus attention and know which machines may be impacted. Extended Detection and Response (XDR): Go beyond the ...

Intercept X Endpoint

Network Visibility: Automatically detect, classify, profile and monitor rogue network devices and their security state. Endpoint Compliance: Endpoint security posture assessment; pre and post connection – 802.1x or non-802.1x. Guest Management: Automated, spo ...

Policy Secure NAC
Microsoft Corp.

NAP is one of the most desired and highly anticipated features of Microsoft® Windows® Server 2008. NAP is a new platform and solution that controls access to network resources based on a client computer’s identity and compliance with corporate governance ...

Nevis Networks

The LANenforcer 2024 and 2124 LAN Security Appliances transparently integrate into existing network infrastructures, sitting between existing switches at the access and distribution layers. The LANenforcer Appliance is an ideal solution for organizations ...