Forensic ToolkitsRSS

Forensic Toolkits

Brian Carrier
FREEWARE
Pricing Model

The @stake Sleuth Kit (TASK) allows an investigator examine the file systems of a suspect computer in a non-intrusive fashion. TASK is a collection of UNIX-based command line tools that can analyze NTFS, FAT, FFS, EXT2FS, and EXT3FS file systems. TASK rea ...

Modified
Guidance Software, Inc.
Commercial
Pricing Model

With an intuitive, yet flexible GUI, and unmatched performance, EnCase Version 4 provides investigators with the tools to conduct large-scale and complex investigation with accuracy and efficiency. Our award winning solution yields completely non-invasive ...

Modified
Commercial
Pricing Model

FTK is a digital investigations solution built for speed, stability and ease of use. It quickly locates evidence and forensically collects and analyzes any digital device or system producing, transmitting or storingdata by using a single application from ...

Modified
FTK Forensic Toolkit
Dan Farmer and Wietse Venema
OPEN SOURCE
Pricing Model

TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after break-in. The software was presented first in a Computer Forensics Analysis class in August 1999 (handouts can be found here). Examples of us ...

Modified
Dave Bullock
Freeware
Pricing Model

snarl is a bootable forensics ISO based on FreeBSD and using @stake's autopsy and task as well as scmoo's list of known good checksums. Once you boot the iso just log in as root there is no password. You will boot into a dialog driven menu. select the fir ...

Modified
droopy and ranger-x
Open Source
Pricing Model

PLAC is a business card sized bootable cdrom running linux. It has network auditing, disk recovery, and forensic analysis tools. ISO will be avialable and scripts to roll you own cd.

Modified
Klaus Knopper
GPL
Pricing Model

KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue syste ...

Modified
Commercial
Pricing Model

SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with th ...

Modified
The SANS Institute

The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidenc ...

ModifiedNever

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules ...

Modified
Commercial
Pricing Model

Lawfully access locked devices with easeBypass pattern, password or PIN locks and overcome encryption challenges quickly on popular Android and iOS devices Support for the broadest range of devicesCollect data from mobile phones, drones, SIM Cards, SD ca ...

Modified
Cellebrite UFED
Commercial
Pricing Model

The iVe Ecosystem is a collection of tools that supports investigators throughout the entire vehicle forensics process with a mobile application for identifying vehicles, a hardware kit for acquiring systems, and forensic software for analyzing data. &nb ...

Modified
iVE Ecosystem - Vehicle Forensics
Elcomsoft Co. Ltd
Commercial
Pricing Model

Perform full file system and logical acquisition of iPhone, iPad and iPod Touch devices. Image device file system, extract device secrets (passwords, encryption keys and protected data) and decrypt the file system image.   Features and Benefits: ...

Modified
iOS Forensic Toolkit
Commercial
Pricing Model

Belkasoft X (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile and cloud forensics. It can help you to acquire and analyze a wide range of mobile devices, run various analytical tasks, perform case-wide searches, bookm ...

Modified
Belkasoft Evidence Center X
Oxygen Forensics
Commercial
Pricing Model

Oxygen Forensic® Passware® Analyst is a brand-new and tightly integrated combination of two award-winning forensic tools in a single acquisition and analysis suite. The new product enables straightforward mobile acquisition, extraction, decryption and an ...

Modified
Oxygen Forensics Passware Analyst
Lenny Zeltser
Open Source
Pricing Model

REMnux™ is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can exami ...

Modified
REMnux
Tobias Klauser and Daniel Borkmann
Open Source
Pricing Model

netsniff-ng is a free, performant linux network analyzer and networking toolkit. If you will, the Swiss army knife for network packets. The gain of performance is reached by built-in zero-copy mechanisms, so that on packet reception and transmission the ...

Modified