Digital Forensics and Incident Response

Browse 78 cybersecurity tools tagged with "Digital Forensics and Incident Response"

CBRX

Digital Forensics and Incident Response

CBRX on SecurityListing: CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.

4.8(3)
PEview

Digital Forensics and Incident Response

PEview on SecurityListing: A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.

4.7(2)
exif

Digital Forensics and Incident Response

exif on SecurityListing: A command-line utility to show and change EXIF information in JPEG files

4.7(2)
Metadefender Cloud

Digital Forensics and Incident Response

Metadefender Cloud on SecurityListing: Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.

4.7(2)
Art of Memory Forensics

Digital Forensics and Incident Response

Art of Memory Forensics on SecurityListing: A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.

4.7(2)
Nomoreransom

Digital Forensics and Incident Response

Nomoreransom on SecurityListing: No More Ransom is a collaborative project to combat ransomware attacks by providing decryption tools and prevention advice.

4.7(2)
AccessData FTK Imager

Digital Forensics and Incident Response

AccessData FTK Imager on SecurityListing: A digital forensic tool for creating forensic images of computer hard drives and analyzing digital evidence.

4.7(2)
Intelligence-Driven Incident Response

Digital Forensics and Incident Response

Intelligence-Driven Incident Response on SecurityListing: ENISA Training Resources offers online training material for cybersecurity specialists, covering technical areas such as artefact handling and analysis.

4.5(1)
LastActivityView

Digital Forensics and Incident Response

LastActivityView on SecurityListing: A tool that collects and displays user activity and system events on a Windows system.

4.5(1)
Explorer Suite

Digital Forensics and Incident Response

Explorer Suite on SecurityListing: A freeware suite of tools for PE editing and process viewing, including CFF Explorer and Resource Editor.

4.5(1)
Practical Memory Forensics

Digital Forensics and Incident Response

Practical Memory Forensics on SecurityListing: A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.

4.5(1)
Userland API Monitoring and Code Injection Detection

Digital Forensics and Incident Response

Userland API Monitoring and Code Injection Detection on SecurityListing: Explores malware interaction with Windows API and methods for detection and prevention.

4.5(1)
CyberCPR

Digital Forensics and Incident Response

CyberCPR on SecurityListing: Incident response and case management solution for efficient incident response and management.

4.5(1)
cabextract

Digital Forensics and Incident Response

cabextract on SecurityListing: Free software for extracting Microsoft cabinet files, supporting all features and formats of Microsoft cabinet files and Windows CE installation files.

4.5(1)
Threat.Zone

Digital Forensics and Incident Response

Threat.Zone on SecurityListing: Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.

4.5(1)
Contagio Mobile

Digital Forensics and Incident Response

Contagio Mobile on SecurityListing: A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.

4.5(1)
Binalyze AIR

Digital Forensics and Incident Response

Binalyze AIR on SecurityListing: Modern digital forensics and incident response platform with comprehensive tools.

4.5(1)
Belkasoft X Forensic

Digital Forensics and Incident Response

Belkasoft X Forensic on SecurityListing: A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.

4.5(1)
CrowdStrike Community Tools

Digital Forensics and Incident Response

CrowdStrike Community Tools on SecurityListing: Free tools for the CrowdStrike customer community to support their use of the Falcon platform.

4.5(1)
Belkasoft Evidence Center

Digital Forensics and Incident Response

Belkasoft Evidence Center on SecurityListing: Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.

4.5(1)
Magnet ACQUIRE

Digital Forensics and Incident Response

Magnet ACQUIRE on SecurityListing: Magnet ACQUIRE offers robust data extraction capabilities for digital forensics investigations, supporting a wide range of devices.

4.5(1)
Hybrid-Analysis

Threat Intelligence Platforms

Hybrid-Analysis on SecurityListing: Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

4.5(1)
MFTECmd

Digital Forensics and Incident Response

MFTECmd on SecurityListing: A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.

4.5(1)
Valkyrie Comodo

Digital Forensics and Incident Response

Valkyrie Comodo on SecurityListing: Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.

4.5(1)
GNU Binutils

Digital Forensics and Incident Response

GNU Binutils on SecurityListing: A collection of binary tools for various purposes including linking, assembling, profiling, and more.

4.5(1)
Detecting Lateral Movement through Tracking Event Logs (Version 2)

Digital Forensics and Incident Response

Detecting Lateral Movement through Tracking Event Logs (Version 2) on SecurityListing: A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.

4.5(1)
FEX Imager™

Digital Forensics and Incident Response

FEX Imager™ on SecurityListing: Forensic imaging program with full hash authentication and various acquisition options.

4.5(1)
PhotoRec

Digital Forensics and Incident Response

PhotoRec on SecurityListing: A free, open-source file data recovery software that can recover lost files from hard disks, CD-ROMs, and digital camera memory.

4.5(1)
ExoneraTor

Digital Forensics and Incident Response

ExoneraTor on SecurityListing: Check if an IP address was used as a Tor relay on a given date.

4.5(1)
Echotrail Insights

Digital Forensics and Incident Response

Echotrail Insights on SecurityListing: Search engine for Windows executable files and hashes, providing insights into file prevalence, behavior, and security information.

4.3(2)
JS NICE

Digital Forensics and Incident Response

JS NICE on SecurityListing: Statistical renaming, type inference, and deobfuscation tool for JavaScript code.

4.3(2)
Binary Ninja

Digital Forensics and Incident Response

Binary Ninja on SecurityListing: Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.

4.3(2)
dfir.org

Digital Forensics and Incident Response

dfir.org on SecurityListing: Andrew Case's personal page for research, software projects, and speaking events

4.3(2)
Netdude

Digital Forensics and Incident Response

Netdude on SecurityListing: Network Dump data Displayer and Editor framework for tcpdump trace files manipulation.

4.3(2)
Forensic Registry EDitor (FRED)

Digital Forensics and Incident Response

Forensic Registry EDitor (FRED) on SecurityListing: A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.

4.3(2)
Viper

Digital Forensics and Incident Response

Viper on SecurityListing: A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.

3.9(2)
extundelete

Digital Forensics and Incident Response

extundelete on SecurityListing: A utility for recovering deleted files from ext3 or ext4 partitions.

3.8(1)
Foremost

Digital Forensics and Incident Response

Foremost on SecurityListing: A console program for file recovery through data carving.

3.8(1)
Granef

Digital Forensics and Incident Response

Granef on SecurityListing: A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

3.8(1)
ERM Protect Digital Forensics

Digital Forensics and Incident Response

ERM Protect Digital Forensics on SecurityListing: Digital forensics services provided by ERM Protect

3.8(1)
Amazon Detective

Digital Forensics and Incident Response

Amazon Detective on SecurityListing: A service that analyzes and visualizes security data to investigate potential security issues.

3.8(1)
strings

Digital Forensics and Incident Response

strings on SecurityListing: A command-line utility for extracting human-readable text from binary files.

3.8(1)
edb

Digital Forensics and Incident Response

edb on SecurityListing: edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.

3.8(1)
THOR Lite

Digital Forensics and Incident Response

THOR Lite on SecurityListing: A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.

3.8(1)
Charles Web Debugging Proxy

Digital Forensics and Incident Response

Charles Web Debugging Proxy on SecurityListing: An HTTP proxy, monitor, and reverse proxy tool for viewing HTTP and SSL/HTTPS traffic.

3.8(1)
NETRESEC

Digital Forensics and Incident Response

NETRESEC on SecurityListing: Independent software vendor specializing in network security tools and network forensics.

3.8(1)
Workbench

Digital Forensics and Incident Response

Workbench on SecurityListing: A scalable Python framework for security research and development teams.

3.8(1)
dc3dd

Digital Forensics and Incident Response

dc3dd on SecurityListing: dc3dd is a patch to the GNU dd program, tailored for forensic acquisition with features like hashing and file verification.

3.8(1)
netsniff-ng toolkit

Digital Forensics and Incident Response

netsniff-ng toolkit on SecurityListing: netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.

3.8(1)
Intezer

Threat Hunting

Intezer on SecurityListing: Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.

3.8(1)
GroupSense Ransomware Readiness

Digital Risk Protection

GroupSense Ransomware Readiness on SecurityListing: Ransomware preparedness & response service with playbooks and negotiation

3.8(1)
Axence ConnectPro

Digital Forensics and Incident Response

Axence ConnectPro on SecurityListing: Remote access and IT support tool for workstation management and diagnostics

Tracking a stolen code-signing certificate with osquery

Digital Forensics and Incident Response

Tracking a stolen code-signing certificate with osquery on SecurityListing: Detect signed malware and track stolen code-signing certificates using osquery.

MFT Parsers Review

Digital Forensics and Incident Response

MFT Parsers Review on SecurityListing: Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.

Redline

Digital Forensics and Incident Response

Redline on SecurityListing: A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.

The DFIR Report

Threat Intelligence Platforms

The DFIR Report on SecurityListing: In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

X-Ways Forensics

Digital Forensics and Incident Response

X-Ways Forensics on SecurityListing: Advanced computer forensics software with efficient features.

ORNA Breach Response & Digital Forensics

Digital Forensics and Incident Response

ORNA Breach Response & Digital Forensics on SecurityListing: 24/7 breach response and digital forensics service for incident handling

Help AG

United Arab Emirates flag

Cloud Security

Help AG is a leading cybersecurity firm and the cybersecurity arm of e& enterprise, delivering managed security, consulting, and end-to-end cybersecurity services across the Middle East, including the

Timeline Explorer v0.4.0.0

Digital Forensics and Incident Response

Timeline Explorer v0.4.0.0 on SecurityListing: A powerful tool for analyzing and visualizing system activity timelines.

WinHex

Digital Forensics and Incident Response

WinHex on SecurityListing: Universal hexadecimal editor for computer forensics, data recovery, and IT security.

Sucuri Website Malware Removal & Protection

Digital Forensics and Incident Response

Sucuri Website Malware Removal & Protection on SecurityListing: Website malware removal service with WAF, monitoring, and cleanup support

RTIR

Digital Forensics and Incident Response

RTIR on SecurityListing: Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.

VX-Underground

Threat Intelligence Platforms

VX-Underground on SecurityListing: VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.

WebMax Tools Privacy Encoders / Decoders / Hash Generators

Digital Forensics and Incident Response

WebMax Tools Privacy Encoders / Decoders / Hash Generators on SecurityListing: Encode or encrypt strings to various hashes and formats, including MD5, SHA1, SHA256, URL encoding, Base64, and Base85.

SolarWinds Incident Response

Digital Forensics and Incident Response

SolarWinds Incident Response on SecurityListing: Incident response platform for alert management, collaboration, and remediation

xxd

Digital Forensics and Incident Response

xxd on SecurityListing: A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.

WinDbg

Digital Forensics and Incident Response

WinDbg on SecurityListing: Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.

tcpick

Digital Forensics and Incident Response

tcpick on SecurityListing: A text-mode sniffer for tracking TCP streams and capturing data in various modes.

tcpxtract

Digital Forensics and Incident Response

tcpxtract on SecurityListing: A tool for extracting files from network traffic based on file signatures with support for various file formats and scalable search algorithm.

win10upgrade

Threat Intelligence Platforms

win10upgrade on SecurityListing: MetaDefender Cloud offers advanced threat prevention using technologies like Multiscanning, Deep CDR, and Sandbox.

ORNA End-to-End AI Cyber Incident Response Platform

Threat Intelligence Platforms

ORNA End-to-End AI Cyber Incident Response Platform on SecurityListing: AI-powered cyber incident response platform for training, orchestration & mgmt

testdisk

Digital Forensics and Incident Response

testdisk on SecurityListing: TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.

WindowsSCOPE

Digital Forensics and Incident Response

WindowsSCOPE on SecurityListing: A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

The Sleuth Kit & Autopsy

Digital Forensics and Incident Response

The Sleuth Kit & Autopsy on SecurityListing: Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.

WayBackMachine

Digital Forensics and Incident Response

WayBackMachine on SecurityListing: A digital archive of the internet, allowing users to capture and browse archived web pages.

ResourcesExtract

Digital Forensics and Incident Response

ResourcesExtract on SecurityListing: Extracts resources (bitmaps, icons, cursors, AVI movies, HTML files, and more) from DLL files.

Steghide

Digital Forensics and Incident Response

Steghide on SecurityListing: Steghide is a steganography program for hiding data in image and audio files.