Free Computer Forensic Software's list - by Forensic Control
raiyankhair47
38 views
18 slides
Jul 09, 2024
Slide 1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
About This Presentation
Forensic Control, a London-based cybersecurity & computer forensics company, created this public list of free
computer forensic software in 2011. It was last updated on 29 November 2017. This is the last version of the list – it
will no longer be updated,
Forensic Control provides no support o...
Slide Content
FORENSIC
CYBER SECURITY & RISK MANAGEMENT
2
nl ul ri TNT pany
CYBER SECURITY & RISK MANAGEMENT
2
nl ul ri TNT pany
nal jounts disk images as complete disks in Windows, giving a
Guidance reate EnCase evidence files and EnCase lo
oftware
Edit EWF (E01) meta data,
ser designed to forensically capture web pat
imager under running under Linu
[direct
‚load link]
Guidance reate EnCase evidence files and EnCase lo
oftware
Edit EWF (E01) meta data,
ser designed to forensically capture web pat
imager under running under Linu
[direct
‚load link]
Network analysis tool. Detect siname and open ports of network hosts
packet sniffing/PCAP parsing,
Captures physical memon uspect's computer. V x 0, and
2003, 2008, 2012. 32 & 64 bit.
Mounts a wide range of disk images. Also a
Lepide Softwar en and view (not export) Outlook EDB files without an E:
packet sniffing/PCAP parsing,
Captures physical memon uspect's computer. V x 0, and
2003, 2008, 2012. 32 & 64 bit.
Mounts a wide range of disk images. Also a
Lepide Softwar en and view (not export) Outlook EDB files without an E:
multiple files using Boolean operators and Perl Re
nlocatic file comparison, verification, logging,
nlocatic file comparison, verification, logging,
DS and SHA1 hashes
Arkane Systems Automatically moves mouse pointer stopping screen saver, hibernation etc
Enables software write-blocking of USB ports.
eating and working with a
Arkane Systems Automatically moves mouse pointer stopping screen saver, hibernation etc
Enables software write-blocking of USB ports.
eating and working with a
Allan Hay a a and Wind
Find strings in binary data, including regular expr
Nindows console application to aid gathering of system information for incident
response and security en
tal Detective nverts various data t
Recursivel ders of every eCryptts file in selected directory. Outputs
encryption algorithm used, original file si
Find strings in binary data, including regular expr
Nindows console application to aid gathering of system information for incident
response and security en
tal Detective nverts various data t
Recursivel ders of every eCryptts file in selected directory. Outputs
encryption algorithm used, original file si
Phil Harvey dit Exif data in a large number of filetypes.
Ian 9 files using text, graphic or hist
View and expo:
Network packet capture an
cursively pars: xtract meta data from MS C enOffice and PDF
Lists EXIF, and where available, GPS data for all photographs present in a directo
Export data to .xis or Google Earth KML format.
Ian 9 files using text, graphic or hist
View and expo:
Network packet capture an
cursively pars: xtract meta data from MS C enOffice and PDF
Lists EXIF, and where available, GPS data for all photographs present in a directo
Export data to .xis or Google Earth KML format.
je and extract
Analyse 1
fortext
ch, INFO2 ar
Analyse 1
fortext
ch, INFO2 ar
Blackbag Lists items connected to the computer (e... SATA, USB and FireWire Drives, software
RAID sets). Can locate partition information, including sizes, types, and the bus to
h the onnected.
lackbag Displays the physical partitioning of the specified device. Can be used to map out al
the drive information, accounting for all used sectors.
RAID sets). Can locate partition information, including sizes, types, and the bus to
h the onnected.
lackbag Displays the physical partitioning of the specified device. Can be used to map out al
the drive information, accounting for all used sectors.
from Android devices.
Nanni Bassett!
Linux based live CD, featuring a number of analysis tool
Analyses volumes, file systems, user and applications data, extracting metadata,
deleted and hi
Comprehensive penetration testing pl
are Appliance pre-configured with multiple t wing digital forensic
inatio
acts from RAM.
Linux based live CD, featuring a number of analysis tool
Analyses volumes, file systems, user and applications data, extracting metadata,
deleted and hi
Comprehensive penetration testing pl
are Appliance pre-configured with multiple t wing digital forensic
inatio
acts from RAM.
(not save or export contents up files.
xport from) E01 files & vie ithin EDB, PST 8 OST
SysTool v e or export) MSG file emails and attachments
View most multimedia files and DVD, Audio CD, VCD, e
xport from) E01 files & vie ithin EDB, PST 8 OST
SysTool v e or export) MSG file emails and attachments
View most multimedia files and DVD, Audio CD, VCD, e
Software Captures history from Firefox, Chrome, Internet Explorer and Edc
running on Windows computers.
Python module for performing off-line parsing of Chrom:
Session”, “Last "Current Tabs”, "Last Tabs’)
Extracts embe:
used as well as dates of and the num!
1 publicly available in F4
Extract s rom Internet Explorer ver
Current
running on Windows computers.
Python module for performing off-line parsing of Chrom:
Session”, “Last "Current Tabs”, "Last Tabs’)
Extracts embe:
used as well as dates of and the num!
1 publicly available in F4
Extract s rom Internet Explorer ver
Current
arses the cookie folder of Firefox
mad search engines (Google ‘and MSN)
orking sites (Twitter, Fac
pera ser, and displays the list of
Reviews list o inthe history files of the m
mad search engines (Google ‘and MSN)
orking sites (Twitter, Fac
pera ser, and displays the list of
Reviews list o inthe history files of the m
Dumps list of shi
modification dates.
Examine W
For the acquisition,
Presents visual repr
Additionally
entries showi
ses and registry threads in real time.
analysis, and reporting of registry contents.
tion and correlation tool
of what a users directory structure looked like.
various timestamps (8.9. first explored, las!
modification dates.
Examine W
For the acquisition,
Presents visual repr
Additionally
entries showi
ses and registry threads in real time.
analysis, and reporting of registry contents.
tion and correlation tool
of what a users directory structure looked like.
various timestamps (8.9. first explored, las!
0+ attributes relating to USB dei
idler Steven: Displays list of programs run, with run count and last run date and time.
ne Dropbox flecache.dbx file which stores information about files that have
‚ed to the cloud using Dropbox.
idler Steven: Displays list of programs run, with run count and last run date and time.
ne Dropbox flecache.dbx file which stores information about files that have
‚ed to the cloud using Dropbox.
Extracts various data from the KaZaA application
Nirsoft
Nirsoft xtracts recently visited Intemet Expl
Nirsoft
Nirsoft xtracts recently visited Intemet Expl
Tags
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 38
- Slides 18
- Age 511 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
46 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
46 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
21 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views