A list of free digital forensics tools to analyze memory dumps, network captures or extract deleted files from storage devices.

Introduction

Digital forensics is the process of recovering and investigating electronic data.

This forensic science is mostly used by law enforcement but some companies hire digital forensics experts to investigate on unauthorized network intrusion.

The typical forensic process encompasses the seizure, forensic imaging and analysis of digital media and the production of a report into collected evidence.

This list contains some of the best free digital forensics softwares available on the internet.

Tools to analyze network traffic for the purposes of information gathering or intrusion detection.

NetworkMiner can extract credentials, files and certificates transferred over the network.

Wireshark is the world's foremost network protocol analyzer.

Tools to examine digital media for the recovering of digital information.

bulk_extractor is a program that scans a file, or a directory of files and extracts useful information.

The Digital Forensics Framework is computer forensics open-source software with a nice GUI.

The Sleuth Kit is a free and open source collection tools to analyze computer systems.

TestDisk is a data recovery software to recover lost partitions.

Tools to analyze a computer's memory dump for the recovering of digital information.

Rekall is a modular memory analysis framework based on Volatility.

The Volatility Framework is collection of tools for the extraction of digital artifacts from volatile memory.

A great tool to read, write and edit metadata from files.

A Python tool to explore PDF files.