Forensics

Computer Forensics : Exploring The Tools Of The Trade – A Comprehensive Guide

Computer forensics is an essential field that involves the investigation of digital devices to uncover evidence in various scenarios, including criminal activities and corporate disputes.

This article provides a curated list of top-notch free tools and resources that are crucial for anyone involved in the forensic analysis of computers.

From specialized operating systems to analysis frameworks and data-recovery utilities, this guide covers the tools you need to carry out effective digital investigations.

Curated list of awesome free forensic analysis tools and resources.

  • Computer Forensics
    • Distributions
    • Frameworks
    • Memory Forensics
    • Network Forensics
    • Live Forensics
    • IOC Scanner
    • Imaging
    • Windows Artifacts
    • OS X Forensics
    • Mobile Forensics
    • Docker Forensics
    • Picture Analysis
    • Metadata Forensics
    • Steganography
    • Management
    • Decryption
    • Disk image handling
    • Resources

Distributions

  • bitscout: Bitscout is a customizable live OS constructor tool written entirely in bash. Its main purpose is to help you quickly create your own remote forensics bootable disk image.
  • REMnux: REMnux® is a Linux toolkit for reverse-engineering and analyzing malicious software. REMnux provides a curated collection of free tools created by the community, so analysts can investigate malware without having to find, install and configure the tools themselves.
  • SANS Investigative Forensics Toolkit (SIFT): Linux distribution built for forensic analysis and incident response.
  • Tsurugi Linux: Tsurugi Linux is a DFIR open source project that is, and will remain, totally free and independent, without involving any commercial brand. Its main goal is to share knowledge and give back to the community.
  • WinFE: WinFE (Windows Forensic Environment) is a Windows PE based forensic boot environment. It loads on UEFI as well as legacy BIOS systems without changing firmware settings, so devices such as the Microsoft Surface Pro can be forensically imaged. BitLocker volumes are also supported, provided you have access to either the unlock key or the password.

Frameworks

  • Autopsy: Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
  • dff: DFF (Digital Forensics Framework) is a forensics framework with both command-line and graphical interfaces. DFF can be used to investigate hard drives and volatile memory and to create reports about user and system activities.
  • dexter: Forensics acquisition framework designed to be extensible and secure.
  • IntelMQ: IntelMQ is a solution for IT security teams to collect and process security feeds using a message queuing protocol.
  • Kuiper: Kuiper is a digital investigation platform that lets an investigation team or an individual parse, search and visualize collected evidence (evidence that may have been gathered by a fast triage script such as Hoarder).
  • Laika BOSS: Laika BOSS (Object Scanning System) is a file-centric scanner for intrusion detection and malware analysis.
  • PowerForensics: PowerForensics provides an all-in-one platform for live disk forensic analysis.
  • The Sleuth Kit: The Sleuth Kit® (TSK) is a library and collection of command-line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools, and the command-line tools can be used directly to find evidence.
  • turbinia: Turbinia is an open-source framework for deploying, managing and running forensic workloads on cloud platforms.
  • IPED (Indexador e Processador de Evidências Digitais, Digital Evidence Indexer and Processor): IPED is an open source tool for processing and analyzing digital evidence, often seized at crime scenes by law enforcement or examined in corporate investigations by private examiners.
  • Wombat Forensics: Wombat Forensics is a new forensic analysis tool written entirely in C and C++. The GUI is built with Qt5, so it may one day run on Windows, Linux and macOS.
  • binwalk: Firmware analysis tool for scanning firmware images and extracting the embedded file systems and files they contain.
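The Sleuth Kit entry above mentions volume-system analysis: before any of TSK's file-system tools (fls, icat, fsstat) can be pointed at a partition, an examiner runs mmls to learn where each volume starts. The Python below is an added example written for this page, not code from The Sleuth Kit or Autopsy; it parses a classic MBR partition table the way `mmls -t dos` presents it, so the layout can be checked by hand without trusting any one tool's parser. The disk sector is constructed inline, the image size is an assumed value, and PARTITION_TYPES is a small subset of the MBR type table.

```python
"""Reproduce the volume layout that TSK's `mmls -t dos` reports for an
MBR-partitioned image. Added example for this page, not Sleuth Kit code.
The sample sector is constructed inline; the entry layout (four 16-byte
entries at offset 446, 0x55AA signature at offset 510) is the standard MBR
format, and PARTITION_TYPES is a small subset of the MBR type table."""
import struct

SECTOR = 512
MBR_SIGNATURE = b"\x55\xaa"
# boot flag, CHS start (skipped), type, CHS end (skipped), LBA start, length
ENTRY_FMT = "<B3xB3xII"

PARTITION_TYPES = {          # subset; the full table has well over a hundred codes
    0x05: "DOS Extended (0x05)",
    0x07: "NTFS / exFAT (0x07)",
    0x0B: "Win95 FAT32 (0x0B)",
    0x0C: "Win95 FAT32 LBA (0x0C)",
    0x83: "Linux (0x83)",
}


def parse_mbr(sector0: bytes) -> list[dict]:
    """Return the non-empty primary partition entries of an MBR sector.

    Raises ValueError when the 0x55AA signature is missing, which is the
    same condition under which mmls refuses to treat the image as DOS."""
    if len(sector0) < SECTOR:
        raise ValueError("need at least one 512-byte sector")
    if sector0[510:512] != MBR_SIGNATURE:
        raise ValueError("no MBR signature at offset 510")
    entries = []
    for slot in range(4):
        boot, ptype, start, length = struct.unpack_from(ENTRY_FMT, sector0, 446 + slot * 16)
        if ptype == 0 and start == 0 and length == 0:
            continue                      # empty slot
        entries.append({"slot": slot, "bootable": boot == 0x80,
                        "type": ptype, "start": start, "length": length})
    return entries


def volume_layout(sector0: bytes, total_sectors: int) -> list[tuple]:
    """Mirror the mmls view: the table sector, each partition, and the
    unallocated gaps between them, as (description, start, end, length)
    in 512-byte sectors. A partition that runs past the end of the image
    is marked, because that is a classic sign of a damaged or edited table."""
    rows = [("Primary Table (#0)", 0, 0, 1)]
    cursor = 1
    for e in sorted(parse_mbr(sector0), key=lambda p: p["start"]):
        if e["start"] > cursor:
            rows.append(("Unallocated", cursor, e["start"] - 1, e["start"] - cursor))
        end = e["start"] + e["length"] - 1
        desc = PARTITION_TYPES.get(e["type"], f"Unknown (0x{e['type']:02X})")
        if end >= total_sectors:
            desc += "  [extends past end of image]"
        rows.append((desc, e["start"], end, e["length"]))
        cursor = max(cursor, end + 1)
    if cursor < total_sectors:
        rows.append(("Unallocated", cursor, total_sectors - 1, total_sectors - cursor))
    return rows


def tsk_invocation(entry: dict, image_path: str) -> str:
    """The start sector mmls reports is what TSK's file-system tools take via -o."""
    return f"fls -r -o {entry['start']} {image_path}"


def build_sample_mbr() -> bytes:
    """Constructed sector 0: a bootable NTFS volume at LBA 2048 followed by a
    Linux volume, a common layout for a small dual-boot disk."""
    sector = bytearray(SECTOR)
    sector[446:462] = struct.pack(ENTRY_FMT, 0x80, 0x07, 2048, 204800)
    sector[462:478] = struct.pack(ENTRY_FMT, 0x00, 0x83, 206848, 100000)
    sector[510:512] = MBR_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    image_sectors = 409600            # assumed 200 MiB image
    sector0 = build_sample_mbr()
    print(f"{'Slot':<4} {'Start':>10} {'End':>10} {'Length':>10}  Description")
    for i, (desc, start, end, length) in enumerate(volume_layout(sector0, image_sectors)):
        print(f"{i:<4} {start:>10} {end:>10} {length:>10}  {desc}")
    for part in parse_mbr(sector0):
        print(tsk_invocation(part, "evidence.dd"))
```

The start sector of each row is the value passed to `fls -o`, `icat -o` or `fsstat -o` so that TSK reads the intended volume; unallocated gaps are worth carving separately, and a partition flagged as extending past the image is something to resolve before any volume is mounted or trusted.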


Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.
