An open-source digital forensics platform with a graphical interface for analyzing hard drives and smartphones.


A widely used digital forensic software for examining computer systems and mobile devices.

FTK (Forensic Toolkit)

A forensic software application for analyzing and recovering digital evidence.

X-Ways Forensics

A powerful and efficient digital forensic software solution.

Sleuth Kit

A collection of command-line digital forensic tools based on The Sleuth Kit.


An open-source memory forensics framework for incident response and malware analysis.

CAINE (Computer Aided INvestigative Environment)

A Linux distribution for digital forensics and incident response.

Digital Forensics Framework (DFF)

An open-source platform for digital forensics.

DEFT (Digital Evidence & Forensics Toolkit)

A Linux distribution for computer forensics.


A digital investigation and forensic software.


A comprehensive computer forensic tool for Windows.


A live CD based on Knoppix designed for computer forensics and investigation.

Forensic Email Collector

A tool for collecting email messages from source locations and preserving them in a format for analysis.

Belkasoft Evidence Center

A digital forensic solution for analyzing and recovering digital evidence.

Oxygen Forensic Detective

A mobile and cloud forensics software.


A digital forensic software solution by BlackBag Technologies.

Registry Recon

A tool for analyzing Windows registry files.

DEI Hexacorn

A collection of tools for digital forensics and incident response.


An open-source data carving tool.


A powerful data recovery software.

Axiom (Magnet Forensics)

A digital forensics platform that offers analysis, collaboration, and reporting.


A live bootable CD for digital forensics and incident response.

USB Write Blocker

A hardware device or software tool that prevents data from being written to USB devices.

Bulk Extractor

A digital forensics tool that scans a disk image, file, or directory of files and extracts useful information without parsing the file system structure.


A widely-used network protocol analyzer.


A network forensic analysis tool.

Cellebrite UFED

A mobile forensics solution for extracting data from smartphones and mobile devices.


A tool for remote forensics and eDiscovery.


A Windows registry data extraction tool.


A free endpoint investigation tool by FireEye.


An open-source tool for digital photo and image forensics.


A hex editor, disk editor, and memory editor.


A physical memory dump tool.

Autopsy Sleuth Kit Plugins

Additional plugins for Autopsy to enhance its functionality.


A kernel module for memory extraction on Windows and Linux.


A physical memory dump tool for Windows.


A tool for taking snapshots of the Windows registry.


A free, self-booting solution that enables you to create or clone exact raw disk images quickly and independent of the installed operating system.


A command-line tool for reading and writing disk images.

Autopsy Extensions

Add-ons and customizations for Autopsy.


A YARA signature-based scanner that identifies known and unknown malware.

Plaso (Log2Timeline)

A tool designed to extract timestamps from various files found on a typical computer system.

SANS SIFT Workstation

A freely available incident response and forensic toolkit to detect and respond to cyber threats.


A forensic imager for media acquisition.


A Recycle Bin forensics tool.

Kali Linux

A Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing.

Security Onion

A free and open-source platform for threat hunting, enterprise security monitoring, and log management.

Autopsy Grep

A utility for searching through the file system for specific content.

Bulk Rename Utility

A free file renaming software for Windows.


WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards.

Leave a Reply