Forensics

Tools used for solving Forensics challenges

This is a curated list of forensics tools:

  • A-Packets — Effortless PCAP File Analysis in Your Browser.
  • Autopsy — End-to-end open source digital forensics platform.
  • Binwalk — Firmware Analysis Tool.
  • Bulk-extractor — High-performance digital forensics exploitation tool.
  • Bkhive & samdump2 — Dump SYSTEM and SAM files.
  • ChromeCacheView — Small utility that reads the cache folder of Google Chrome Web browser, and displays the list of all files currently stored in the cache.
  • Creddump — Dump Windows credentials.
  • Exiftool — Read, write and edit file metadata.
  • Extundelete — Utility that can recover deleted files from an ext3 or ext4 partition.
  • firmware-mod-kit — Modify firmware images without recompiling.
  • Foremost — Console program to recover files based on their headers, footers, and internal data structures.
  • Forensic Toolkit — Scans a hard drive looking for various information. It can potentially locate deleted emails and scan a disk for text strings to use as a password dictionary to crack encryption.
  • Forensically — Free online image analysis tool with many features.
  • MZCacheView — Small utility that reads the cache folder of Firefox/Mozilla/Netscape Web browsers, and displays the list of all files currently stored in the cache.
  • NetworkMiner — Network Forensic Analysis Tool (NFAT).
  • OfflineRegistryView — Simple tool for Windows that allows you to read offline Registry files from external drive.
  • photorec — File data recovery software designed to recover lost files including video, documents and archives from hard disks, CD-ROMs, and lost pictures (thus the Photo Recovery name) from digital camera memory.
  • Registry Viewer — Tool to view the Windows registry.
  • Scalpel — Open source data carving tool.
  • The Sleuth Kit — Collection of command line tools and a C library that allows you to analyze disk images and recover files from them.
  • USBRip — Simple CLI forensics tool for tracking USB device artifacts (history of USB events) on GNU/Linux.
  • Volatility — An advanced memory forensics framework.
  • Wireshark — Tool to analyze pcap or pcapng files.
  • X-Ways — Advanced work environment for computer forensic examiners.

Designed by - Deka1918
