Must haves

Windows artefacts

  • Zimmerman tools - Multiple tools to extract/analyse forensic artefacts

  • Sysinternals - Multiple tools to interrogate Windows

  • KAPE - Triage tool for quickly extracting data

  • FTK - Forensic Tool Kit for taking images of disks

  • The Sleuth Kit - Autopsy and other file system utilities

  • Wireshark - Network traffic analysis

  • Hex editor - Analysing binary data, popular choices:
