Free
evtkit View evtkit
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
Digital Forensics
Digital forensics for incident response. Uncover digital evidence to understand and resolve security breaches effectively.
Try these 212 AI Digital Forensics Tools
Free
exif View exif
A tool for restoring defocused and blurred images with various deconvolution techniques and fast processing capabilities.
Free
Exiv2 View Exiv2
A user-friendly and fast Forensic Analysis tool with features like tagging files and generating preview reports.
Free
Exterro View Exterro
Toolkit for post-mortem analysis of Docker runtime environments using forensic HDD copies.
Free
extundelete View extundelete
A library to access and parse Windows XML Event Log (EVTX) format, useful for digital forensics and incident response.
Free
eyeballer View eyeballer
A community-sourced repository of digital forensic artifacts in YAML format.
Free
Factual Rules Generator View Factual Rules Generator
DMG2IMG is a tool for converting Apple compressed dmg archives to standard image disk files with support for zlib, bzip2, and LZFSE compression.
Free
FastIR Collector View FastIR Collector
A console program for file recovery through data carving.
Free
FEX Imager™ View FEX Imager™
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.
Free
Foremost View Foremost
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
Free
ForensicMiner v1.4 View ForensicMiner v1.4
A Python-based engine for automatic creation of timelines in digital forensic analysis
Free
Forensic Registry EDitor (FRED) View Forensic Registry EDitor (FRED)
Web interface for the Volatility Memory Analysis framework with advanced features.
Free
Forensia View Forensia
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
Free
Fridump View Fridump
A library to access and parse Windows Shortcut File (LNK) format.
Free
GitTools View GitTools
A command line utility for managing volume shadow copies with capabilities for evasion, persistence, and file extraction.
Free
gvfs View gvfs
An anti-forensic kill-switch tool for USB ports to shut down the computer immediately in case of unauthorized access.
Free
hashlookup-forensic-analyser View hashlookup-forensic-analyser
A Python 2.x tool for memory analysis on Mac OS X systems with support for various OS versions and memory image export capabilities.
Free
Hayabusa View Hayabusa
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
Free
Free
Hindsight View Hindsight
A forensic tool to find hidden processes and TCP/UDP ports by rootkits or other hidden techniques.
Free
hivex View hivex
A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.