Digital Forensics
16 tools indexed
Digital forensics tools for disk imaging, memory analysis, file carving, log timeline reconstruction, and evidence preservation. Used by incident responders, law enforcement, and security analysts to investigate breaches and recover digital evidence.
Volatility 3
Advanced memory forensics framework. Extracts artifacts from RAM dumps: processes, network connections, registry.
Autopsy
Digital forensics platform with GUI. Disk image analysis, timeline analysis, keyword search, hash filtering.
Ghidra
NSA's reverse engineering framework. Disassembly, decompilation, graphing, and scripting for binary analysis.
Binwalk
Firmware analysis tool. Searches binary images for embedded files, executables, and file systems.
YARA
The pattern-matching Swiss knife for malware researchers. Create rules to identify and classify malware samples.
Velociraptor
Endpoint visibility and collection tool. Hunt for artifacts across thousands of endpoints simultaneously.
Plaso (log2timeline)
Super timeline creation engine. Extracts timestamps from multiple forensic artifact sources into a single timeline.
Radare2
Portable reversing framework. Disassembly, debugging, analysis, patching, and scripting in a single CLI.
Cutter
GUI for Radare2. Makes reverse engineering accessible with graphs, decompiler, and hex editor built in.
The Sleuth Kit
Collection of command-line tools for forensic analysis of disk images and file systems.
CyLR
Live response collection tool for quickly gathering forensic artifacts from hosts during incident response.
Chainsaw
Rapidly search and hunt through Windows forensic artifacts like event logs, MFT, and Shimcache using Sigma rules.
Hayabusa
Windows event log fast forensics timeline generator and threat hunting tool with built-in Sigma rule support.
oletools
Python tools for analyzing OLE and MS Office files: detect VBA macros, embedded objects, and malicious content.
PE-sieve
Scans running processes for suspicious in-memory modifications including hollowing, hooking, and code injection.
capa
Automatically identify capabilities in executable files: detects techniques like persistence, C2, and anti-analysis.