DFTOOLS

A curated list of Digital Forensics Tools with some useful links & usage. To get information about any other tool please visit the Forensic Wiki.

📢 Some Important Concepts

• Digital Forensics: An applicaiton of science to uncover facts, solve crime by acquiring the evidence
  analyzing the evidence and finally prepping it for any court of law. All the steps must be completed while
  maintaining the chain of custody and integrity.

• Forensic Image/Copy: This term refers to a bit perfect copy/clone of any storage device.
  It is important to understand that any forensic cloning tool worth it's salt would ensure integrity of evidence.
  This is why in forensic terms a simple backup is not enough.

• Data recovery tools look into unallocated sectors to find the files that were thought to be lost. They reach out
  to a very low level, below all the abstraction layers.

📝 Forensic Copy

• DC3DD
• DD
• DCFLDD
• Guymager

♻️ Data Recovery/Carving

• Foremost
• Bulk Extractor
• PhotoRec
• Recuva
• Scalpel

🈹 Multi-Purpose Kits

• Autopsy
• SIFT(Sans Investigative Forensic Toolkit)
• CyLR
• KAPE
• MobSF

📊 Metadata analysis

• Exiftool

📟 Network Forensic Analysis Tool (NFAT)

• Xplico

Contribution Guidelines

1. Fork the repository.
2. Clone it.
3. Create a new file explaining a digital forensic tool, if pics are involved please upload them in pics folder and link accordingly.
4. Make an entry about that tool in the main Readme File(this file).
5. Send PR.
6. Star this Repo