Top 10 free tools for digital forensic investigation

Read the full report here: http://www.gfi.com/blog/top-10-free-tools-for-digital-forensic-investigation-video/

We’ve compiled the top 10 free tools to help you become a super sleuth.

http://digital-forensics.sans.org/community/downloads

SANS SIFT is a complete investigative toolkit that runs off an Ubuntu-based live CD. It has a wealth of applications that will allow you to conduct in-depth forensic and incident response investigations.

http://www.sleuthkit.org

The Sleuth Kit also offers an in-depth analysis of file systems. It comes packaged with Autopsy, which offers additional features, including timeline analysis, hash filtering, file system analysis and keyword searching.

http://www.accessdata.com/support/product-downloads

FTK Imager provides you with a data preview and imaging tool allowing you to view findings in Windows Explorer. It can examine files and folders on local and network drives, and also review the contents of memory dumps.

http://www.deftlinux.net

If you want a bundle of popular free forensic tools, then look no further than DEFT. It includes tools for mobile and network forensics, data recovery, and hashing.

https://code.google.com/p/volatility/wiki/Release23

Volatility extracts digital artefacts from RAM dumps, giving you details of running processes, open network sockets, loaded DLLs, and a host of other information.

http://www.nirsoft.net/utils/computer_activity_view.html

If you want to know the last user actions and events that occurred on a machine, then give LastActivityView a try. The information it uncovers can be exported to a CSV, XML or HTML file.

http://mh-nexus.de/en/hxd/

HxD is a user-friendly low-level hex editor that can be used on raw disk or main memory. It has a wealth of features, including exporting, file shredding and splitting of files.

http://www.caine-live.net

Computer Aided Investigative Environment, or CAINE, is a user-friendly way to create reports for your investigations, and it also packs some good forensic tools.

https://www.mandiant.com/resources/download/redline

Want to examine a specific host? Mandiant RedLine will do that by collecting a huge amount of information on running processes, drivers, file system metadata, event logs and many other elements.

http://www.plainsight.info

And finally, PlainSight is a live CD that allows you to perform forensic tasks such as looking into Internet histories, gathering data on USB device usage, extracting password hashes and others.

These tools will allow you to get to grips with digital forensics, perform analysis, and track down those who would do your network or your organization harm. So should you use these tools? Well, of course you should.

Head on over to http://www.gfi.com/blog for more.
