Forensic ToolkitsRSS

Forensic Toolkits

The @stake Sleuth Kit (TASK) allows an investigator examine the file systems of a suspect computer in a non-intrusive fashion. TASK is a collection of UNIX-based command line tools that can analyze NTFS, FAT, FFS, EXT2FS, and EXT3FS file systems. TASK rea ...

VendorBrian Carrier
Pricing ModelFREEWARE
Modified

With an intuitive, yet flexible GUI, and unmatched performance, EnCase Version 4 provides investigators with the tools to conduct large-scale and complex investigation with accuracy and efficiency. Our award winning solution yields completely non-invasive ...

VendorGuidance Software, Inc.
Pricing ModelCommercial
Modified

DEFT Linux 6 is based on the new Kernel 2.6.35 (Linux side) and the DEFT Extra 3.0 (Computer Forensic GUI) with the best freeware Windows Computer Forensic tools. DEFT it’s a new concept of Computer Forensic live system that use LXDE as desktop environmen ...

VendorDEFT Linux
Pricing ModelOpen Source
ModifiedNever

Forensic Toolkit® (FTK®) is recognized around the world as the standard in computer forensics software. This court-validated digital investigations platform delivers cutting-edge computer forensic analysis, decryption and password cracking all within an i ...

VendorAccessData Group LLC
Pricing ModelCommercial
Modified

TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after break-in. The software was presented first in a Computer Forensics Analysis class in August 1999 (handouts can be found here). Examples of us ...

VendorDan Farmer and Wietse Venema
Pricing ModelOPEN SOURCE
Modified

snarl is a bootable forensics ISO based on FreeBSD and using @stake's autopsy and task as well as scmoo's list of known good checksums. Once you boot the iso just log in as root there is no password. You will boot into a dialog driven menu. select the fir ...

VendorDave Bullock
Pricing ModelFreeware
Modified

PLAC is a business card sized bootable cdrom running linux. It has network auditing, disk recovery, and forensic analysis tools. ISO will be avialable and scripts to roll you own cd.

Vendordroopy and ranger-x
Pricing ModelOpen Source
Modified

This is a collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. The components in this collection are intended to permit the investigator to sterilize media for forensi ...

VendorGeorge M. Garner Jr
Pricing ModelGPL
Modified

KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue syste ...

VendorKlaus Knopper
Pricing ModelGPL
Modified

SMART is a software utility that has been designed and optimized to support data forensic practitioners and Information Security personnel in pursuit of their respective duties and goals. The SMART software and methodology have been developed with th ...

VendorASR Data
Pricing ModelCommercial
Modified

ocked out? Get back in. Password Recovery Toolkit gives you the ability to recover passwords from well-known applications. PRTK is perfect for law enforcement and corporate security professionals. If you need access to locked files or if your users have s ...

VendorAccess Data
Pricing ModelCommercial
Modified

The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidenc ...

VendorThe SANS Institute
Pricing ModelOpen Source
ModifiedNever

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules ...

VendorOpen Source
Pricing ModelOpen Source
Modified

PTK forensics is a computer forensic framework for the command line tools in the SleuthKit plus much more software modules. This makes it usable and easy to investigate a system. PTK forensics is an alternative advanced framework for the TSK suite (The Sl ...

VendorDFLabs
Pricing ModelFreeware
ModifiedNever

Cyberinvestigation Law Enforcement Wizard (CLEW), enhances the capability of law enforcement to gather and analyze digital evidence in such cases. It is an application that can be downloaded to a portable USB thumb drive and uploaded to computers at crime ...

VendorNational Institute of Justice, FBI, other law enforceme...
Pricing ModelCommercial
ModifiedNever

Microsoft has created Computer Online Forensic Evidence Extractor (COFEE), designed exclusively for use by law enforcement agencies. COFEE brings together a number of common digital forensics capabilities into a fast, easy-to-use, automated tool for first ...

VendorMicrosoft Corporation
Pricing ModelFreeware
ModifiedNever

Cellebrite's UFED Series consists of the mobile forensic tools for data scrutiny, invaluable for any investigation. Cellebrite presents a range of applications purpose-designed for the critical examination of mobile device data. UFED Physical AnalyzerUFE ...

VendorCellebrite
Pricing ModelCommercial
Modified
iVE - Vehicle Forensics

iVe is a vehicle system forensic tool that acquires user data from vehicles and allows forensic examiners and investigators a means to quickly and intuitively analyze it. Vehicle Infotainment systems store a vast amount of user related data such as recen ...

VendorBerla
Pricing ModelCommercial
Modified
iOS Forensic Toolkit

Perform the complete forensic acquisition of user data stored in iPhone/iPad/iPod devices running any version of iOS. Elcomsoft iOS Forensic Toolkit allows eligible customers acquiring bit-to-bit images of devices’ file systems, extracting device secrets ...

VendorElcomsoft Co. Ltd
Pricing ModelCommercial
Modified
ProDiscover Forensic Edition

The ARC Group’s next-generation solution to cyber crime is backed by industry-leader, ProDiscover. ProDiscover Forensic is a computer security tool that enables computer professionals to locate all of the data on a computer disk and at the same time prot ...

VendorThe ARC Group
Pricing ModelCommercial
Modified

© Computer Network Defence Limited 2019