Forensic Tools
These are tools for analyzing a breach in security in some way. Typically they are used for collecting data about the breach after the fact, or analyzing software to see how it performs the attack. Many reverse engineering tools will be listed here, as well as forensic recovery tools.
Other information about Forensic Tools
- 8 Articles for Learning Android Mobile Malware Analysis - by Lenny Seltzer of the ISC
MOBILedit Forensic is a phone extractor, data analyzer and report generator all in one solution. A powerful 64-bit application using both the physical and logical data acquisition methods, MOBILedit Forensic is excellent for advanced application analyzer, ...
Lawfully access locked devices with easeBypass pattern, password or PIN locks and overcome encryption challenges quickly on popular Android and iOS devices Support for the broadest range of devicesCollect data from mobile phones, drones, SIM Cards, SD ca ...
Forensic Explorer analysis software. Suitable for new or experienced investigators, Forensic Explorer combines a flexible and easy to use GUI with advanced sort, filter, keyword search, data recovery and script technology. Quickly process large volumes o ...
A multi-platform LIVE side for three environments; Mac OS X, Windows and Linux with one simple to use interface Make forensic images of all internal devices Make a forensic image of physical memory (32 and 64 bit) Determine if disk level en ...
Elcomsoft Phone Password Breaker enables forensic access to password-protected backups for smartphones and portable devices based on RIM BlackBerry and Apple iOS platforms. The password recovery tool supports all Blackberry smartphones as well as Apple de ...
Perform the complete forensic analysis of encrypted disks and volumes protected with desktop and portable versions of BitLocker, PGP and TrueCrypt. Elcomsoft Forensic Disk Decryptor allows decrypting data from encrypted containers or mounting encrypted vo ...
Elcomsoft Wireless Security Auditor examines the security of your wireless network by attempting to break into the network from outside or inside. Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being pr ...
Oxygen Forensic Extractor offers OEM system builders and hardware manufacturers a unique opportunity to integrate a time-proven forensic acquisition system to their hardware-based solution without spending years developing in-house software. Oxygen Forens ...
Oxygen Forensic Extractor for Clouds is a forensic program that allows to extract data from cloud services and save it on PC in a readable format. Authentication is required to get access to the cloud data. A forensic expert needs to enter account credent ...
Triage-IR is a script written by Michael Ahrendt, which will collect system information, network information, registry hives, disk information and will also dump memory. One of the capabilities of Triage-IR is collecting information from Volume Shadow Cop ...
Encrypted Disk Detector is a command-line tool that can quickly, and non-intrusively, check for encrypted volumes on a computer system during incident response. The decision can then be made to investigate further and determine whether a live acquisition ...
AXIOM Cyber is a robust digital forensics and incident response solution for businesses that need to perform remote acquisitions and collect & analyze evidence from computers, the cloud, and mobile devices.Off-Network CollectionAXIOM Cyber enables you ...
The first forensic browser able to quickly and easly capture web pages that are to be brought to trial in criminal and civil proceedings. Acquisition of all websitesFAW acquires websites of any type: HTML5, CMS, static, dynamic, with frames, blogs, e-com ...
Belkasoft Live RAM Capturer is a tiny free forensic tool that allows to reliably extract the entire contents of computer’s volatile memory—even if protected by an active anti-debugging or anti-dumping system. Separate 32-bit and 64-bit builds are availabl ...
Belkasoft X (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile and cloud forensics. It can help you to acquire and analyze a wide range of mobile devices, run various analytical tasks, perform case-wide searches, bookmark a ...
Kernel Exhcnage EDB Viewer is an Exchange Mailbox viewer tool, that assists system administrators in opening EDB files even in the absence of MS Exchange Servers. Now recover your corrupt exchange database files for free and review their entire contents ...
Viewer for standalone files containing Microsoft Outlook Express 4,5 and 6 message database (*.idx/*.mbx/*.dbx), Windows Vista Mail/Windows Live Mail and Mozilla Thunderbird message databases as well as standalone EML files. This application is based on ...
Nuix Evidence Mover is designed to copy evidence files images from one storage location, to antoher. It creates a hash of the files before and after moving to ensure the data has been copied accurately, and to maintain the chain of custody.
Agent Ransack is a free file search tool for finding files on your PC or network drives. It has a Lite mode, which is FREE for both personal and commercial use but also a Professional mode that includes optional pay-for features. First released in April ...
Whether its a line of source code, an entry into a log file, a legal brief, or even a letter, FileLocator Pro helps you find things fast. It's features make it possible to dig out information in even the most obscure file formats. Review highlighed keywo ...
