Free
Hoarder
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
Digital Forensics
Digital forensics for incident response. Uncover digital evidence to understand and resolve security breaches effectively.
Try these 212 AI Digital Forensics Tools
Free
IE10Analyzer
A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.
Free
iLEAPP
Forensic imaging program with full hash authentication and various acquisition options.
Free
imobax
A script for extracting common Windows artifacts from source images and VSCs with detailed dependencies and usage instructions.
Free
imagemounter
A tool with advanced filtering capabilities for analyzing events based on time, path, weekday, and date.
Free
Incident Response & Computer Forensics, Third Edition
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
Free
iOS Frequent Locations Dumper
Toolkit for performing acquisitions on iOS devices with logical and filesystem acquisition support.
Free
iOSForensic
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
Free
iPBD2 - iPhone Backup Decoder and Analyzer
Forensics tool for exploring offline Docker filesystems.
Free
IPED Digital Forensic Tool
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
Free
IRTriage
Tool for live forensics acquisition on Windows systems, collecting artefacts for early compromise detection.
Free
Katana
A modified version of GNU dd with added features like hashing and fast disk wiping.
Free
kube-forensics
Rekall is a discontinued project that aimed to improve memory analysis methodology but faced challenges due to the nature of in-memory structure and increasing security measures.
Free
LFI-Enum
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
Free
libesedb
Collects and organizes Linux OS data for detailed analysis and incident response.
Free
libfsapfs
MFT and USN parser for direct extraction in filesystem timeline format with YARA rule support.
Free
libewf
Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.
Free
libevtx
Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.