Free Digital Forensics Tools

A list of free digital forensics tools to analyze memory dumps and network captures, or to extract deleted files from storage devices.

Introduction

Digital forensics is the process of recovering and investigating electronic data.

This forensic science is mostly used by law enforcement, but some companies hire digital forensics experts to investigate unauthorized network intrusions.

The typical forensic process encompasses the seizure, forensic imaging and analysis of digital media and the production of a report into collected evidence.

This list contains some of the best free digital forensics software available on the internet.

Network Forensics Tools

Tools to analyze network traffic for the purposes of information gathering or intrusion detection.

NetworkMiner

NetworkMiner can extract credentials, files and certificates transferred over the network.

Wireshark

Wireshark is the world's foremost network protocol analyzer.

Computer Forensics Tools

Tools to examine digital media in order to recover digital information.

bulk_extractor

bulk_extractor is a program that scans a file or a directory of files and extracts useful information.

Digital Forensics Framework

The Digital Forensics Framework is open-source computer forensics software with a nice GUI.

The Sleuth Kit

The Sleuth Kit is a free and open source collection of tools to analyze computer systems.

TestDisk

TestDisk is data recovery software for recovering lost partitions.

Memory Forensics Tools

Tools to analyze a computer's memory dump in order to recover digital information.

Rekall

Rekall is a modular memory analysis framework based on Volatility.

Volatility

The Volatility Framework is a collection of tools for the extraction of digital artifacts from volatile memory.

Misc Tools

ExifTool

A great tool to read, write and edit metadata from files.

peepdf

A Python tool to explore PDF files.