Forensic Solutions: All Listings 

Tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored ...

A tool to collect DNS records passively to aid Incident handling, Network  Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. Passive ...

ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently ...

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, it can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic. It lets you interac ...

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico ...

REMnux™ is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can exami ...

Oxygen Forensic Detective is an all-in-one forensic software platform built to extract, decode, and analyze data from multiple digital sources: mobile and IoT devices, device backups, UICC and media cards, drones, and cloud services. Oxygen Forensic® Dete ...

Oxygen Forensic® Passware® Analyst is a brand-new and tightly integrated combination of two award-winning forensic tools in a single acquisition and analysis suite. The new product enables straightforward mobile acquisition, extraction, decryption and an ...

Whether its a line of source code, an entry into a log file, a legal brief, or even a letter, FileLocator Pro helps you find things fast. It's features make it possible to dig out information in even the most obscure file formats. Review highlighed keywo ...

Belkasoft Live RAM Capturer is a tiny free forensic tool that allows to reliably extract the entire contents of computer’s volatile memory—even if protected by an active anti-debugging or anti-dumping system. Separate 32-bit and 64-bit builds are availabl ...

Belkasoft X (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile and cloud forensics. It can help you to acquire and analyze a wide range of mobile devices, run various analytical tasks, perform case-wide searches, bookm ...

Belkasoft X (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile and cloud forensics. It can help you to acquire and analyze a wide range of mobile devices, run various analytical tasks, perform case-wide searches, bookmark a ...

Kernel Exhcnage EDB Viewer is an Exchange Mailbox viewer tool, that assists system administrators in opening EDB files even in the absence of MS Exchange Servers. Now recover your corrupt exchange database files for free and review their entire contents ...

Viewer for standalone files containing Microsoft Outlook Express 4,5 and 6 message database (*.idx/*.mbx/*.dbx), Windows Vista Mail/Windows Live Mail and Mozilla Thunderbird message databases as well as standalone EML files. This application is based on ...

Nuix Evidence Mover is designed to copy evidence files images from one storage location, to antoher. It creates a hash of the files before and after moving to ensure the data has been copied accurately, and to maintain the chain of custody.

Agent Ransack is a free file search tool for finding files on your PC or network drives. It has a Lite mode, which is FREE for both personal and commercial use but also a Professional mode that includes optional pay-for features. First released in April ...

Browser History Examiner is a professional software tool for extracting, viewing and analysing internet history from the main desktop web browsers. BHE can assist in various digital investigations such as civil & criminal digital forensics cases ...

Browser History viewer is a free tool for extracting, viewing and analysing internet history from Firefox, Chrome and Internet Explorer web browsers. Website visits are displayed alongside an interactive graph, showing how many sites have been visited ov ...

Browser History Capturer is a free tool that allows you to easily capture web browser history from a Windows computer. The tool can be run from a USB dongle to capture history from Firefox, Chrome and Internet Explorer web browsers. The history files are ...

Process monitor is a monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. it combines the features of two legacy Sysinternals utilites, Filemon, Regmon, and adds an extensive list of enhancements including ri ...