Digital Forensics Tools

All Products

(1-25 of 32)

1
Splunk Enterprise Security (ES)

Splunk Enterprise Security (SIEM) is the company's flagship SIEM product, offered as a premium service to subscribers of Splunk Cloud or Splunk Enterprise.

2
Wireshark

Wireshark is a free and open source network troubleshooting tool.

3
Maltego
0 reviews

Maltego is an open source intelligence (OSINT) and graphical link analysis tool for gathering and connecting information for investigative tasks, available as a Java application that runs on Windows, Mac and Linux.

4
Cyber Triage
0 reviews

Basis Technology in Cambridge, MA offers Cyber Triage, an incident response software emphasizing the rapid and accurate collection of endpoint data, touted as better and more comprehensive than antivirus and ideal for non-forensics experts.

5
Intezer
0 reviews

Intezer offers 24/7 monitoring and investigation of endpoints and security alerts, to identify and automatically resolve false positives, or provide contextual guidance and risk profiles. Within a minute after each new alert, Intezer provides assessments and recommended actions which…

6
Nextron Thor
0 reviews

THOR is a sophisticated and flexible compromise assessment tool. The manual analysis of many forensic images can be challenging. THOR speeds up this forensic analysis with more than 17,000 handcrafted YARA signatures, 400 Sigma rules, numerous anomaly detection rules and thousands…

7
CAINE (Computer Aided Investigate Environment)
0 reviews

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a graphical interface.…

8
Paraben E3 Forensic Platform

Since 2001 Paraben has been a foundation in solutions for mobile devices, smartphones, email, hard drives, and gaming system forensics. Paraben’s focus on mobility led to many other areas of innovation including the research and development into the Internet of Things (IoT) with…

9
Menlo Browsing Forensics

Menlo Browsing Forensics is used to examine browser session recordings, including user keystrokes, to get the facts about browser usage.

10
Trellix Endpoint Security ENS

Trellix Endpoint Security (ENS) solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep organizations safer and more resilient.

11
GoSecure Responder PRO

GoSecure Responder PRO is a forensics toolkit that helps reverse engineers understand exactly how malware was executed on specific machines, with the ability to disassemble and visualize the results. Further, reverse engineers can produce reports that demonstrate with granular, fine-…

12
Clari5 Graph Intelligence

Clari5 Graph Intelligence is a visual investigation solution that reveals hidden linkages between customers, accounts and transactions through common attributes shared by t…

13
NetworkMiner

NetworkMiner is an open source Network Forensic Analysis Tool (NFAT) for Windows. It is developed and supported by Netresec, a small company headquartered in Sweden.

14
Splunk Attack Analyzer

Automated threat analysis of suspected malware and credential phishing threats. based on Twinwave, the software identifies and extracts associated forensics for threat detections.

16
Phonexia Orbis Investigator

Phonexia Orbis Investigator is an out-of-the-box solution for the rapid investigation of audio recordings by law enforcement agencies. Powered by voice biometrics and speech recognition, it identifies speakers and other key information in audio recordings automatically and provides…

17
Query.ai
0 reviews

The Query.AI Security Investigations Platform offers access to cybersecurity data wherever it is stored (in the cloud, third-party SaaS, or on-prem), regardless of vendor or tech…

18
Joe Sandbox
0 reviews

Joe Security specializes in the development of malware analysis systems for malware detection and forensics. Based on the idea of deep malware analysis and multi-technology platform, Joe Security offers technologies to analyze malware in depth. Joe Security provides malware analysis…

19
Autopsy Digital Forensics

Autopsy is a Windows-based desktop digital forensics tool that is free, open source, and boasts features normally found in commercial digital forensics tools. Developer Basis Technology states the tool is extensible and comes with features that include keyword search, hash matching,…

20
Magnet Digital Investigation Suite

Magnet Forensics is a developer of digital investigation software that acquires, analyzes and shares evidence from computers, smartphones, tablets and IoT related devices, headquartered in Waterloo, Ontario. Magnet Forensics partners with law enforcement, government, military and…

21
Cellebrite
0 reviews

Cellebrite, an Israeli company, offers a suite of digital forensics products for law enforcement or other entitites conducting investigations requiring digital intelligence as evidence. Their machine learning tools are designed to extract and analyze forensic data from any mobile…

22
OpenText EnCase Forensic

OpenText EnCase Forensic is a court-ready solution for finding, decrypting, collecting and preserving forensic data from a wide variety of devices, while ensuring evidence integrity and integrating investigation workflows.

23
Mobile Verification Toolkit (MVT)
0 reviews

Mobile Verification Toolkit (MVT) is a tool to facilitate the consensual forensic analysis of Android and iOS devices, for the purpose of identifying traces of compromise. It is free and open source.

24
ProDiscover Forensics

ProDiscover Forensics is a comprehensive digital forensics software that empowers investigators to capture key evidence from computer systems. ProDiscover has capabilities to handle all aspects of an in-depth forensic investigation to collect, preserve, filter, and analyze evidence.…

25
X-Ways Forensics

X-Ways Forensics is an advanced work environment for computer forensic examiners and our flagship product that runs on Windows. X-Ways Forensics is presented as not resource-hungry, fast, finds deleted files and search hits that the competitors will miss, and does not depend on setting…

Learn More About Digital Forensics Tools

What are Digital Forensics Tools?

Digital forensic tools are investigative tools that discover, extract, preserve, decrypt, and analyze digital evidence. A variety of tools capture information from a wide range of sources: including computers, servers, smartphones, disk drives, memory, networks, files, databases, the internet, and IoT devices.

They can be deployed individually or as part of a suite of digital forensic tools and include both software and hardware tools. They automate the presentation of evidence and are able to support multiple operating systems including Windows, Linux, Unix, macOS, iOS, and Android.

Digital forensic tools are used by law enforcement for criminal investigations and legal proceedings and by incident response teams to manage cyber security incidents, most notably in the banking, financial services, and insurance industries.

These tools are often used preemptively to ascertain the vulnerability of IT infrastructure and as part of security preventive maintenance. Many of the tools provide guidance on how to address current incidents and prevent future ones.

Machine learning and AI-assisted analysis is a growing trend in digital forensics and is being used to analyze large amounts of data from the cloud, social networks, IoT devices, and video, and for pattern recognition to identify potential cybercrimes.

Digital Forensics Tools Features

Digital forensic tools will have many of these features.

  • Discover, extract, preserve, decrypt, and analyze digital evidence
  • Collect data from computers, servers, laptops, tablets, smartphones, mobile devices, smartwatches, disk drives, data storage systems and devices, memory, registries, networks, routers, files, databases, emails, texts, the internet, browsers, social networks, digital media, video, GPS systems, and IoT devices
  • Live acquisition of evidence
  • Password and hash cracking
  • Bit copying
  • Disk cloning
  • File recovery for hidden, deleted data, and unknown content
  • Timeline analysis
  • Data and metadata search
  • Overcome encryption barriers and advanced locks
  • Evidence preparation and reporting
  • Custom workflows, configurable features, and tools
  • Wizards, dashboards, and data visualization
  • Support Windows, Linux, Unix, macOS, iOS, and Android

Digital Forensics Tools Comparison

Use Case: Law enforcement agencies require a multipurpose tool that supports electronic discovery, cyber forensics, analytics across a wide range of digital devices, remote capabilities, and evidence preparation and reporting. Commercial organizations that are focused on incident management and cybersecurity risk mitigation should select tools that include data and file recovery, network monitoring, and analysis.

Scope: Will the purchase of individual tools that target specific resources such as mobile devices, hard drives, memory, and networks best address your needs, or do you need a suite of tools that cover a wide range of digital resources?

Privacy and Security: The use of some sophisticated digital forensic tools can entail significant privacy and security-related risks and as such are only sold to law enforcement or governmental agencies.

Open-Source vs. Proprietary Tools: Many open-source digital forensic tools are free, however, that requires you have the expertise to utilize them. Proprietary tools can be more user-friendly providing training and support that facilitate their use.

Pricing Information

Many open-source tools are free. A basic suite of forensic tools begins at around $3,500 per license. Forensic tools for large organizations often require a price quote. Free trials are sometimes available.

Related Categories

Frequently Asked Questions

What do digital forensics tools do?

Digital forensic tools find, collect, retain, decrypt, and analyze digital information from a variety of devices including computers, networks, hard drives, memory, smartphones, and IoT devices. They assist in the preparation of evidence to support law enforcement and criminal investigations and help to understand and prevent cybersecurity breaches.

What are the benefits of using digital forensics tools?

Digital forensic tools are an effective way to investigate policy violations or any fraudulent or criminal activity that leaves a digital trail. The tools’ abilities to analyze and reconstruct user activity provides a means to identify wrongdoers, is a deterrent against malicious acts and minimizes future vulnerabilities. It helps identify and recover lost or stolen information.

How much do digital forensics tools cost?

Depending on the features, a basic set of forensic tools begins at around $3,500. There are many open-source tools that are free of charge. Free trials are available.