Free forensic tools for your computer

Free forensic tools for your computer

Have you lost some data recently or do you just  have an interest in recovering files?. Here is a list of some free software to help you pursue your interest in forensics.

1.P2 eXplorer
P2 eXplorer is a forensic image mounting tool designed to help investigators manage and examine evidence. With P2 eXplorer, you can mount forensic images as read-only local logical and physical disks. Once mounted, you can explore the contents of the image using Windows Explorer or you can load it into your forensic analysis tool.

2.HxD
HxD is a carefully designed and fast hex editor which, additionally to raw disk editing and modifying of main memory (RAM), handles files of any size. The easy to use interface offers features such as searching and replacing, exporting, checksums/digests, insertion of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more.

3.PlainSight
PlainSight is a versatile computer forensics environment that allows inexperienced forensic practitioners perform common tasks using powerful open source tools.

4.Mandiant Redline
Redline, Mandiant’s premier free tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile.

5.Digital Forensics Framework
DFF (Digital Forensics Framework) is a free and Open Source computer forensics software built on top of a dedicated Application Programming Interface (API). It can be used both by professional and non-expert people in order to quickly and easily collect, preserve and reveal digital evidences without compromising systems and data.

6.LastActivityView
LastActivityView is a tool for Windows operating system that collects information from various sources on a running system, and displays a log of actions made by the user and events occurred on this computer. The activity displayed by LastActivityView includes: Running .exe file, Opening open/save dialog-box, Opening file/folder from Explorer or other software, software installation, system shutdown/start, application or system crash, network connection/disconnection and more.

7.Bulk extractor
Computer forensics tool that scans a disk image, a file, or a directory of files and extracts useful information without parsing the file system or file system structures. The results can be easily inspected, parsed, or processed with automated tools.

8.The Sleuth Kit (+Autopsy)
Autopsy and the Sleuth Kit are open source digital investigation tools (aka digital forensic tools) that run on Windows, Linux, OS X, and other Unix systems. They can be used to analyse disk images and perform in-depth analysis of file systems (such as NTFS, FAT, HFS+, Ext3, and UFS) and several volume system types.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients

4 comments

Drakener December 20, 2014 - 9:53 pm
You could habe mentioned DART, a Linux live system you can use.
catalin marius December 20, 2014 - 5:36 pm
9. Hiren's boot CD is great when your windows is down and can't be repaired and you have important files in C. A lot of tools and MiniWinXP works great !!! Thanks for this article and sorry if i have wrong english :) !
Lord Drachenblut November 24, 2014 - 7:04 am
On articles like this could you list what platform these tools are on?
Anonymous December 31, 2014 - 12:19 am
Great idea - Also adding links would be a nice too.

Comments are closed.

Add Comment