📅  Last modified: 2021-01-05 05:00:36             🧑  Author: Mango
Tool | Description |
---|---|
Binwalk | It is a tool for searching a given binary image for embedded files and executable code. |
bulk-extractor | It extracts information without parsing file systems such as e-mail addresses, credit card numbers, URLs, and other types of details from digital evidence files. |
Capstone | It is a framework used for binary analysis and reversing. It supports multiple hardware architectures and provides semantics of the disassembled instruction. |
chntpw | It is used to view information and change user passwords in the Windows NT/2000 user database file. |
Cuckoo | It is a malware analysis system that can provide you with the details of the suspicious files you ask it to analyse. |
dc3dd | It is a patched version of GNU dd with added features for computer forensics. |
ddrescue | It duplicates data from one file or block device to another specified file or block device. |
DFF | DFF stands for Digital Forensic Framework. It is used to quickly and easily collect, preserve, and reveal digital evidence without compromising systems and data. |
diStorm3 | It is a lightweight, easy-to-use, and fast decomposer library that disassembles a staged reverse shell generated by msfpayload. |
Dumpzilla | Dumpzilla is a tool to extract all forensic-related information from the Firefox, Iceweasel, and Seamonkey browsers for analysis. |
extundelete | This tool is used to recover deleted files from an ext3/ext4 file system partition. |
Foremost | It is a forensic tool to recover lost files based on their headers, footers, and internal data structures. |
Galleta | It is a forensic tool that examines the content of cookies produced by Internet Explorer. |
Guymager | It is a free forensic imager for media acquisition. It generates flat, EWF, and AFF images and supports disk cloning. |
iPhone Backup Analyzer | It is a backup utility designed to browse easily through the backup folder of an iPhone. |
p0f | It is a traffic fingerprinting mechanism to identify the process behind any incidental TCP/IP communications without disturbing the process in any way. |
Pdf-parser | It is used to parse a PDF document to identify the fundamental elements used in the analysed file. |
pdfid | It scans a file to look for certain PDF keywords, allowing you to identify PDF documents that contain JavaScript. |
pdgmail | It extracts Gmail artefacts from a pd process memory dump. |
peepdf | It is a pdf analysis tool to explore PDF files in order to find if the file can be harmful or not. |
RegRipper | It extracts information from the Windows registry and presents it for analysis. |
Volatility | It is a memory forensic analysis platform to extract digital artefacts from RAM samples. |
Xplico | It is a network forensic analysis tool that extracts application data from internet traffic. |