Tags: Forensics

Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. // Unhide (ps) Detecting hidden processes. Implements six techniques * Compare /proc vs /bin/ps output * Compare inf ...

A Recycle Bin Forensic Analysis Tool. Many important files within Microsoft Windows have structures that are undocumented. One of the principals of computer forensics is that all analysis methodologies must be well documented and repeatable, and they m ...

  A multi-platform LIVE side for three environments; Mac OS X, Windows and Linux with one simple to use interface Make forensic images of all internal devices Make a forensic image of physical memory (32 and 64 bit) Determine if disk level en ...

Oxygen Forensic Extractor offers OEM system builders and hardware manufacturers a unique opportunity to integrate a time-proven forensic acquisition system to their hardware-based solution without spending years developing in-house software. Oxygen Forens ...

Oxygen Forensic Extractor for Clouds is a forensic program that allows to extract data from cloud services and save it on PC in a readable format. Authentication is required to get access to the cloud data. A forensic expert needs to enter account credent ...

Triage-IR is a script written by Michael Ahrendt, which will collect system information, network information, registry hives, disk information and will also dump memory. One of the capabilities of Triage-IR is collecting information from Volume Shadow Cop ...

Discover evidence in the field with Belkasoft Evidence Center Portable! The portable edition of Belkasoft forensic suite offers all the same features as Belkasoft Evidence Center 2014, but has a few key differences. Plug-and-play The Portable edition ...