Top 10 free tools for digital forensic investigation


Author: GFI Software
24547 View
2m 35s Length
153 Rating


Read the full report here: http://www.gfi.com/blog/top-10-free-tools-for-digital-forensic-investigation-video/

We've compiled the top 10 free tools to help you become a super sleuth.

http://digital-forensics.sans.org/community/downloads SANS SIFT is a complete investigative toolkit that runs off an Ubuntu-based live CD. It has a wealth of applications that will allow you to conduct in-depth forensic and incident response investigations.

http://www.sleuthkit.org The Sleuth Kit also offers an in-depth analysis of file systems. It comes packaged with Autopsy, which offers additional features, including timeline analysis, hash filtering, file system analysis and keyword searching.

http://www.accessdata.com/support/product-downloads FTK Imager provides you with a data preview and imaging tool, allowing you to view findings in Windows Explorer. It can examine files and folders on local and network drives, and also review the contents of memory dumps.

http://www.deftlinux.net If you want a bundle of popular free forensic tools, then look no further than DEFT. It includes tools for mobile and network forensics, data recovery, and hashing.

https://code.google.com/p/volatility/wiki/Release23 Volatility extracts digital artefacts from RAM dumps, giving you details of running processes, open network sockets, loaded DLLs, and a host of other information.

http://www.nirsoft.net/utils/computer_activity_view.html If you want to know the last user actions and events that occurred on a machine, then give LastActivityView a try. The information it uncovers can be exported to a CSV, XML or HTML file.

http://mh-nexus.de/en/hxd/ HxD is a user-friendly low-level hex editor that can be used on raw disk or main memory. It has a wealth of features, including exporting, file shredding and splitting of files.

http://www.caine-live.net Computer Aided Investigative Environment, or CAINE, is a user-friendly way to create reports for your investigations, and it also packs some good forensic tools.

https://www.mandiant.com/resources/download/redline Want to examine a specific host? Mandiant RedLine will do that by collecting a huge amount of information on running processes, drivers, file system metadata, event logs and many other elements.

http://www.plainsight.info And finally, PlainSight is a live CD that allows you to perform forensic tasks such as looking into Internet histories, gathering data on USB device usage, extracting password hashes and others.

These tools will allow you to get to grips with digital forensics, perform analysis, and track down those that would do your network or your organization harm. So should you use these tools? Well, of course you should. Head on over to http://www.gfi.com/blog for more.


Comments

  1. I am just starting in computer forensics. Any advice?
  2. She has NO idea of what she is talking about
  3. getting "bad parameter" message when attempting to share with fb... whatever that means???  silly me... both this and the network monitoring & analysis... also sound is not working on either... "is it me or you, dear?"  ;)