Efs Forensic

FCCU GNU/Linux Forensic Bootable CD is a bootable CD based on KNOPPIX that contains a lot of tools suitable for computer forensic investigatins, including bash scripts. FCCU GNU/Linux Forensic Boot CDs main purpose is to create images of devices prior to analysis, and it is used by the Belgian...

Mobius Forensic Toolkit is an open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files, for easy integration with other tools.

EFS is a free email routing utility that pulls mail from a single mail account at your ISP and distributes the messages to users mailboxes on a local mail server (such as Microsoft Exchange) Unlimited users, account aliasing, brief and detailed transaction windows, scheduling, transaction logging...


Platforms: Windows

The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.


Platforms: Windows, Mac, Linux

DEFT (acronym of Digital Evidence & Forensic Toolkit) is a customized Linux distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes an excellent hardware detection and the best open source applications dedicated to incident response and computer forensics....


Platforms: *nix

SIGOF (Security Information Graphics Oriented Forensic) has been developped as a complement of ACID or BASE project by implementing useful and detailed graphical presentation of security information/events. SIGOF is a web-based project, written in PHP, and it can exploit any secuity information...


Platforms: *nix

The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file and volume system forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion. Because the tools do not rely on the operating system to...


Platforms: *nix

FLAG (Forensic and Log Analysis GUI) was designed to simplify the process of log file analysis and forensic investigations. Often, when investigating a large case, a great deal of data needs to be analysed and correlated.PyFlag uses a database as a backend to assist in managing the large volumes...


Platforms: Windows, Mac, *nix, Python, BSD Solaris

Cartesio is a web-based groupware application for Linux with PHP, MySQL, Apache, SSL oriented to forensic laboratories.


Platforms: Windows, Mac, *nix, PHP, BSD Solaris

4buntu is a set of scripts to install a collection of digital forensic tools on top of a Linux system. The tools provide a complete forensic workstation to investigate different systems such as Windows, Linux and Mac OS X.


Platforms: *nix

The Examiner is an application that utilizes the objdump command to disassemble and comment foreign executable binaries. This app was designed to analyze static compiled binaries but works ok with others. The intention is for forensic research but could also be used in general reverse...


Platforms: *nix

FileSystem Investigator is a platform independent file system viewer and data extraction tool. It allows the user to: * View the contents of the target file system in a forensicly safe manner, bypassing the normal operating system mechanisms. * Extract files and whole directory trees of files...


Platforms: *nix

Bring National Geographic to life in Lilly Wu and the Terra Cotta Mystery, and lead a forensic expedition to settle a 2,000 year-old mystery. Emperor Qin was the first Emperor of China who died under mysterious circumstances. Was it an accident, or an assassination? Two thousand years later, the...


Platforms: Mac

Glary Undelete is a free and easy-to-use yet powerful file undelete solution for FAT and NTFS file systems. It will bring back files emptied from the Recycle Bin, in a DOS window, from Windows Explorer with the SHIFT key held down. It will even recover files that have been deleted by bugs,...


Platforms: Windows

This program was designed and implemented with the goal of automatically generating extemporaneous speaking files in digital format as per National Forensic League rules.


Platforms: Windows, Mac, Linux

Explore the internal file structure of your iphone (or of a seized phone in the case of forensic teams) using either the iphone's own backup files or (for jail broken iphones) ssh. Viewing of plist, sqlite, and hex are supported. IOS 4 is now supported


Platforms: Windows, Mac, Linux

This is meant for manual face comparison for forensic use. Details of the face can be compared with as side-by-side screen and the findings can be given on a digital sheet. All kinds of operations are possible with the face.


Platforms: Windows, Mac, Linux

SIGOF (Security Information Graphics Oriented Forensic) aims at synthetizing security log, stored in a acid/base database schema, in order to provide a graphical / visual oriented security forensic and statistical analysis.


Platforms: Windows, Mac, Linux

STRStat is a statistical package to calculate various parameters used in forensic science. It is also able to graphically display the distribution of the population and calculate the probability of appearance for a specific phenotype.


Platforms: Windows, Mac, Linux

PTK is an alternative advanced interface for the suite TSK (The Sleuth Kit).Ptk-forensics was developed from scratch and besides providing the functions already present in Autopsy. It also implements numerous new features essential during forensic activity.


Platforms: PHP