Tools:
- Andriller CE - Android artifact and DB parser
- Arsenal Image Mounter - Forensic image mounting tool
- Autopsy - Free full forensic suite
- Autopsy Plugins - extra plugins by Mark McKinnon, great addition for parsing more artifacts
- BriMor Labs LRC (Cedarpelta) - automated triage and collection kit
- DB Browser for SQLite - one of the best free SQLite viewers
- ESE Analyst - parses ESE databases, I mostly use for SRUM parsing
- ExifTool - file EXIF extractor
- EZ Tools - includes Shellbags, Jumplist, MFT, Registry parsers and so much more
- FTK Imager - forensic imaging tool and image viewer
- Hindsight - Chrome browser parser
- KAPE - triage and artifact parser
- M.E.A.T. - mobile device collection tool
- Magnet ACQUIRE - acquisition tool for computers and mobile devices
- Magnet Encrypted Disk Detector - disk encryption checker
- Magnet RAM Capture - memory collection
- Network Miner - network forensic analysis
- Nirsoft NirLauncher - suite of individual IT and forensic tools
- PE Studio - quick malware analysis triage
- PPEE (Puppy) - PE file analyzer
- RegRipper - registry file parser
- Rufus USB - creates bootable USB drives
- ShadowExplorer - volume shadow copy analysis
- Sysinternals - suite of Windows analysis tools
- USB Detective - USB device parser from registry and other related artifacts
- Volatility / Volatility Workbench - RAM/memory analysis
- Wireshark - packet capture and network analysis
- WizTree - disk space analyzer
Linux Distros:
More:DFIR Training - https://www.dfir.training/dfirtools
This article provided me with a wealth of information about digital forensic investigator in london. The article is both educational and helpful. Thank you for providing this information. Keep up the good work.
ReplyDeleteYou have done good work by publishing this article here. I found this article too much informative, and also it is beneficial to enhance our knowledge. Grateful to you for sharing an article like this. Cyber Security Training Courses In Canada
ReplyDelete