An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service. The free SIFT toolkit, which can match any modern forensic tool suite, is also featured in SANS' Advanced Computer Forensic Analysis and Incident Response course (FOR 508). It demonstrates that advanced investigations and intrusion response can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools, such as log2timeline, which provides a timeline that can be of enormous value to investigators.
A collection of single-use scripts written for Windows forensics.
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
This little tool is designed to get geolocation information for a host; it gets the information from two sources (MaxMind and geoiptool). It's useful when doing forensics or log analysis, or just out of plain curiosity.
This Java-based application helps you parse the contents of your script (e.g. PHP scripts) and automatically converts them to hex values; some pentesters use this method to test for possible SQL injection vulnerabilities in a website.
R-STUDIO is a family of powerful, cost-effective disk recovery software. Originally developed by R-Tools Technology, Inc. for experienced data recovery professionals, R-Studio has been redesigned as a scalable, user-friendly all-in-one data recovery tool. By coupling our most advanced file recovery and disk repair technology with an intuitive user interface, R-Studio provides enterprise and professional-level data recovery specialists the tools they need without hindering the experience of entry-level users.
Guidance Software is recognized globally as a world leader in Digital Forensics, Cyber Security, and E-Discovery solutions. Our services include incident response, computer forensics, and litigation support, provided by experts with hands-on experience in digital investigation. Each year we also train over 6,000 corporate, law enforcement, and government professionals in digital forensics, e-discovery, security, and incident response.
The Sleuth Kit (TSK) is a C library and a collection of command line tools. Autopsy is a graphical interface to TSK. TSK can be integrated into automated forensics systems in many ways, including as a C library and by using the SQLite database that it can create. The Sleuth Kit Hadoop Framework is a framework that incorporates TSK into cloud computing for large scale data analysis.
SolarWinds is a suite of network tools that makes the administrator's job easier. They have been around for a long time and their tools can be easily used for hacking.
Maltego is an open source intelligence and forensics application. It offers timely mining and gathering of information, as well as the representation of this information in an easy-to-understand format.