Forensic
Jump to navigation
Jump to search
Tools for this function
| Tool | Purpose |
|---|---|
| AFFLIB | The Advanced Forensics Format (AFF) and AFF Library (AFFLIB) are a joint development project of Simson L. |
| Autopsy Digital Forensics | Open source, free digital forensics tool |
| Autopsy Forensic Browser | Graphical interface to the command line digital investigation tools in The Sleuth Kit |
| Crazy-fast-image-scan | A script to scan media very quickly to find out what kind of content it contains |
| DataLifter | suite of tools "designed to assist with Computer Forensics, Information Auditing, Information Security and Data Recovery" |
| Dc3dd for computer forensics | dc3dd is a patched version of GNU dd with a number of features useful for computer forensics. |
| Dcfldd | dcfldd is an enhanced version of GNU dd with features useful for forensics and security. |
| Digital Intelligence Forensic Software | Digital Intelligence Forensic Software |
| Disk2FDI | Disk2FDI is a professional disk imaging software designed to create binary images of floppy disks to the Formatted Disk Image (FDI) file format, as well as sector-based standard formats. |
| EnCase Forensic | EnCase Forensic (OpenText) |
| FBCD (Farmer's Boot CD) | bootable CD with Linux and forensic tools |
| FCCU GNU/Linux Forensic Boot CD | bootable CD with Linux and forensic tools |
| FTK (Forensic Toolkit) | Forensic Toolkit (AccessData) |
| Foremost | Foremost is a console program to recover files based on their headers, footers, and internal data structures. |
| Forensic Acquisition Utilities | A collection of utilities and libraries intended for forensic or forensic-related investigative use in a modern Microsoft Windows environment. |
| Fq | Tool, language and decoders for working with binary data. |
| Freeware Hex Editor XVI32 | XVI32 is a freeware hex editor running under Windows 95, Windows 98, Windows NT, Windows 2000, and Windows XP. |
| Gumshoe | Search interface for metadata extracted from forensic disk images. |
| HashKeeper | Digital Evidence Laboratory specialists created the HashKeeper software in 1998 to expedite the analysis of electronic media by reducing the number of files to be analyzed during the course of an investigation. |
| Helix (e-fense) | bootable CD with Linux and forensic tools |
| Hex Workshop | The Hex Workshop Hex Editor by BreakPoint Software is a complete set of hexadecimal development tools for Microsoft Windows 2000 and later. |
| I2 | i2 is a provider of intelligence and investigation management software for law enforcement, defense, national security and private sector organizations. |
| ILookPI | ILookPI provides a fully programmable IDE environment with customizable tool capabilities. |
| Index.dat Analyzer v2.5 | Index.dat Analyzer is a tool to view, examine and delete contents of index.dat files. |
| InfinaDyne | InfinaDyne's forensic products are focused on government and law enforcement examining various types of media and intent on collecting evidence in a thorough, secure and trustworthy manner. |
| KEA (Keyphrase Extraction Algorithm) | KEA is an algorithm for extracting keyphrases from text documents. |
| Libewf | Libewf is a library for support of the Expert Witness Compression Format (EWF), it support both the SMART (EWF-S01) and EnCase (EWF-E01) format. |
| MRU-Blaster | MRU-Blaster is a program made to do one large task - detect and clean MRU (most recently used) lists on your computer. |
| McAfee Free Tools | Free Tools [See specifically Foresnic Tools] |
| Microsoft Office 2003 Add-in: Word Redaction v1.2 | Use the Word 2003 Redaction Add-in to hide text within Microsoft Office Word 2003 documents. |
| Microsoft Office 2003/XP Add-in: Remove Hidden Data | With this add-in you can permanently remove hidden data and collaboration data, such as change tracking and comments, from Microsoft Word, Microsoft Excel, and Microsoft PowerPoint files. |
| NSRL (National Software Reference Library) | The NSRL provides a large data set of metadata on computer files which can be used to identify the files and their provenance |
| OCFA (Open Computer Forensics Architecture) | Open Computer Forensics Architecture is a modular computer forensics framework. |
| OSFMount | disk image file mounting |
| Paraben | Paraben provides forensics tools. |
| Prodiscover | Prodiscover provides a set of features and toolkits for Computer Forensics and Incident Response |
| PyFlag | FLAG (Forensic and Log Analysis GUI) is an advanced forensic tool for the analysis of large volumes of log files and forensic investigations. |
| RAID (Real-time Analytical Intelligence Database) | RAID is a relational database used to record key pieces of information and to quickly identify links among people, places, businesses, financial accounts, telephone numbers, and other investigative information. |
| RapidRedact | The RapidRedact product range provides fast, easy to use redaction tools for irreversibly blanking out (redacting) selected information, author's changes and hidden data from all electronic document types. |
| Redact-It | Provides Windows desktop and server redaction of PDF, Word, scanned TIFF images. Find, black out and remove content within documents, images or drawings. |
| Redax | Redax completely redacts (removes) text and graphics from the PDF page. |
| Regshot | Regshot is an open-source (GPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product. |
| The Carve Path Zero-storage Library and filesystem | LibCarvPath is a library for computer forensics carving tools. |
| The Sleuth Kit | Collection of command line computer forensics digital investigation tools. |
| WinHex | WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. |
| Windows IR/CF Tools | Windows based forensic tools |
| Yara | YARA is a tool that allows the identification of files that match user-defined textual or binary patterns |
See also the tools list on the ForensicsWiki.