Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.

A high-speed forensic timeline engine for Windows forensic artifacts built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.

Digital Forensics Essentials (DFE)

Forensic Linux VM for Apple Silicon, ARM64 and x86-64 compatible platforms

PEInsight is a fast and efficient command-line tool for parsing Windows Portable Executable (PE) files, written in C.

Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis

Android RAM Parser

Tools to decrypt files from the apk Vault - Hide Pics, App Lock

Cross-platform Forensic Imaging Tool

Artifact acquisition and the analysis of REGISTRY hives

This tool is designed to scan log files for various security events and present the findings in an easy-to-read table format directly in your terminal. It includes features for custom pattern detection and provides recommended remedies for detected issues.

ProcMon Visualizer