-
Autopsy: Autopsy® is the premier end-to-end open source digital forensics platform. Built by Basis Technology with the core features you expect in commercial forensic tools, Autopsy is a fast, thorough, and efficient hard drive investigation solution that evolves with your needs.
- Website: https://www.autopsy.com/
-
The Sleuth Kit: The Sleuth Kit is a library and collection of Unix- and Windows-based utilities for extracting data from disk drives and other storage so as to facilitate the forensic analysis of computer systems.
- Website: https://www.sleuthkit.org/
-
Wireshark: Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.
- Website: https://www.wireshark.org/
-
ExifTool: ExifTool is a free and open-source software program for reading, writing, and manipulating image, audio, video, and PDF metadata. It is platform independent, available as both a Perl library and command-line application.
- Website: https://exiftool.org/
-
Parrot Security: The ultimate framework for your Cyber Security operations
- Website: https://www.parrotsec.org/
-
PALADIN: PALADIN is a modified “live” Linux distribution based on Ubuntu that simplifies various forensics tasks in a forensically sound manner via the PALADIN Toolbox. PALADIN is available in 64-bit and 32-bit versions.
- Website: https://sumuri.com/software/paladin/
-
SIFT Workstation: SIFT (SANS investigative forensic toolkit) Workstation is a freely-available virtual appliance that is configured in Ubuntu 14.04. SIFT contains a suite of forensic tools needed to perform a detailed digital forensic examination. It is one of the most popular open-source incident response platforms.
-
FTK Imager: FTK Imager is a data preview and imaging tool used to acquire data (evidence) in a forensically sound manner by creating copies of data without making changes to the original evidence. It saves an image of a hard disk, in one file or in segments, which may be reconstructed later on. It calculates MD5 hash values and confirms the integrity of the data before closing the files.
-
Volatility: Also built into SIFT, Volatility is an open-source memory forensics framework for incident response and malware analysis. It is written in Python and supports Microsoft Windows, Mac OS X, and Linux (as of version 2.5). Forensic analysis of a raw memory dump will be performed on a Windows platform. The Volatility tool is used to determine whether the PC is infected or not. Subsequently, the malicious programme can be extracted from the running processes in the memory dump.
-
LastActivityView: LastActivityView is a tool for the Windows operating system that collects information from various sources on a running system, and displays a log of actions made by the user and events that occurred on this computer. The activity displayed by LastActivityView includes: running an .exe file, opening an open/save dialog box, opening a file/folder from Explorer or other software, software installation, system shutdown/start, application or system crash, and network connection and disconnection.
-
HxD: HxD is a carefully designed and fast hex editor which, in addition to raw disk editing and modifying of main memory (RAM), handles files of any size. The easy-to-use interface offers features such as searching and replacing, exporting, checksums/digests, insertion of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more.
- Website: https://mh-nexus.de/en/hxd/
-
CAINE: CAINE offers a complete forensic environment that is organised to integrate existing software tools as software modules and to provide a friendly graphical interface. This is a digital forensics platform and graphical interface to the Sleuth Kit and other digital forensics tools.
-
Magnet AXIOM: Magnet AXIOM is a complete digital investigation platform, with the ability to recover, analyze, and report on data from all your sources—mobile, computer, and cloud—in one case file, helping you build a holistic view of the evidence and how it relates to the case so you can quickly and easily see the entire story.
- Price: ?
- Website: https://www.magnetforensics.com/products/magnet-axiom/
-
MOBILedit: MOBILedit Forensic is an all-in-one solution for data extraction from phones, smartwatches and clouds. It utilizes both physical and logical data acquisition, has excellent application analysis, deleted data recovery, a wide range of supported devices, fine-tuned reports, concurrent processing, and an easy-to-use interface. With a brand new approach, MOBILedit Forensic is much stronger in security bypassing than ever before.
- Price: $2,250 one time license with 12 months of updates
- Website: https://www.mobiledit.com/mobiledit-forensic
-
Cellebrite UFED: UFED is a software application that allows the digital investigator to read and analyse mobile devices. Complex passwords, encryption barriers, deleted and unknown content can prevent important evidence from data carriers from coming to light. Cellebrite UFED provides the solution.
- Price: $8,330.00
- Website: https://cellebrite.com/en/ufed/
-
MailXaminer: MailXaminer is a dedicated tool designed to unlock the complexities of email data for forensic investigators. Tailored to specialize in the extraction, research, and recovery of email content, it's no wonder I've tagged it as the best in its niche for email-centric tasks.
- Price: $1999 Yearly subscription
- Website: https://www.mailxaminer.com/computer-forensic-tool.html
-
EnCase: EnCase is the shared technology within a suite of digital investigations products by Guidance Software. The software comes in several products designed for forensic, cyber security, security analytics, and e-discovery use. EnCase is traditionally used in forensics to recover evidence from seized hard drives.
- Price: $3,156.99
- Website: https://www.opentext.com/products/encase-forensic
-
Belkasoft X Forensic: Belkasoft X Forensic (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile, drone, car, and cloud forensics. It can help you to acquire and analyze a wide range of mobile and computer devices, run various analytical tasks, perform case-wide searches, bookmark artifacts, and create reports.
- Price: $11,990.00
- Website: https://belkasoft.com/x
-
FTK Forensic Toolkit: Forensic Toolkit, or FTK, is a computer forensics software originally developed by AccessData, an Exterro company. It scans a hard drive looking for various information. It can, for example, potentially locate deleted emails and scan a disk for text strings to use them as a password dictionary to crack encryption.
- Price: Subscription $2,900.00 Renew every year
- Website: https://www.exterro.com/digital-forensics-software/forensic-toolkit
-
IBM Security QRadar SIEM: IBM QRadar SIEM (Security Information and Event Management) is a modular architecture that provides real-time visibility of your IT infrastructure, which you can use for threat detection and prioritization. You can scale QRadar to meet your log and flow collection, and analysis needs.
- Price: Starting at $12,048.29/one-time payment for 1 year
- Website: https://www.ibm.com/products/qradar-siem
-
Cyber Triage: Cyber Triage is automated Digital Forensics and Incident Response (DFIR) software that allows cybersecurity professionals like you to quickly answer intrusion questions related to malware, ransomware, and account takeover.
- Price: Subscription $2,500 Renew every year
- Website: https://www.cybertriage.com/
-
ExtraHop: ExtraHop is a cybersecurity company providing AI-based network intelligence that stops advanced threats across cloud, hybrid, and distributed environments.
- Price: ?
- Website: https://www.cybertriage.com/
-
DomainTools: DomainTools is a critical layer and essential piece in the security stack of elite enterprises and performance-driven security teams. Power your optimal program below and see where DomainTools fits and can help you do more.
- Price: ?
- Website: https://www.domaintools.com/
-
Detego Global: Detego Global is a division of MCM Solutions (MCMS), a British Company that develops award-winning Digital Forensics, Case Management and Endpoint Monitoring solutions for military, law enforcement and corporate customers around the world.
- Price: ?
- Website: https://detegoglobal.com/
-
Attack Analytics: Imperva Attack Analytics detects application attacks by applying machine learning and domain expertise across the application security stack to reveal patterns in the noise.
- Price: ?
- Website: https://www.imperva.com/products/attack-analytics/
-
Oxygen Forensics: An all-in-one digital forensic software designed to extract, decode, and analyze data. Extract data and artifacts from multiple devices with the capability for both mobile and computer forensic investigations.
- Price: $9,945.00
- Website: https://oxygenforensics.com/en/products/oxygen-forensic-detective/
-
Paraben E3:UNIVERSAL: E3:UNIVERSAL is an end-to-end DFIR and digital investigations solution that can process and capture ALL types of digital data: computers, email, internet data, smartphones, IoT devices, and cloud data.
- Price: $6,295
- Website: https://paraben.com/shopping/E3-UNIVERSAL-p446500535
-
OS Forensics: OSForensics lets you extract forensic evidence from computers quickly with high performance file searches and indexing.
- Price: $899.00 per user per year subscription
- Website: https://www.osforensics.com/osforensics.html
-
SandBlast Threat Extraction: The SandBlast Threat Extraction technology is a capability of SandBlast Network and the SandBlast Agent endpoint protection solutions. It removes exploitable content, reconstructs files to eliminate potential threats, and delivers sanitized content to users in a few seconds to maintain business flow.
- Price: $7,640.00 1 year
- Website: https://www.checkfirewalls.com/Next-Generation-Threat-Extraction.asp
Copyright (c) 2024 Garuda Project. Licensed under the MIT License (MIT)