acstore

afflib

Library that implements the AFF image standard

afl

aflplusplus

aide

AIDE (Advanced Intrusion Detection Environment) is a replacement for Tripwire

bindiff

brakeman

bulk_extractor

chkrootkit

a tool to locally check for signs of a rootkit

cmospwd

CmosPwd decrypts password stored in cmos used to access BIOS SETUP

dfvfs

dfwinreg

dfxml

dmitry

examiner

Examiner is an application that utilizes the objdump command to disassemble and comment foreign executable binaries

fatback

foremost

A console program to recover files based on their headers and footers

ftimes

galleta

IE Cookie Parser

gitleaks

hindsight

honggfuzz

inception

kjackal

lazagne

libbde

libbfio

libesedb

libevt

libevtx

libewf

Implementation of the EWF (SMART and EnCase) image format

libexe

libforensic1394

libfsapfs

libfsclfs

libfsext

libfsfat

libfshfs

libfsntfs

libfsxfs

libfvde

liblnk

libluksde

libmodi

libmsiecf

libnk2

libnsfdb

libodraw

libolecf

libpff

libphdi

libqcow

libregf

libscca

libsmraw

libvsapm

libvsgpt

libvshadow

libvslvm

libvsmbr

libwtcdb

log2timeline

lynis

Security and system auditing tool

mac-robber

mac-robber is a digital forensics and incident response tool that collects data

magicrescue

Find deleted files in block devices

make-pdf

memdump

Simple memory dumper for UNIX-Like systems

mvt

mxtract

mysql-magic

nrich

oletools

openscap

openscap-daemon

origami-pdf

pasco

IE Activity Parser

pcileech

pdf-parser

pdfid

plaso

pytsk

radamsa

RdpCacheStitcher

readpe

reglookup

regviewer

rifiuti

Recycle Bin Analyzer

rkhunter

Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers.

s3tk

samhain

scalpel

sleuthkit

A collection of file system and media management forensic analysis tools

stegoveritas

stigqter

tcpxtract

unhide

volatility3

whispers

xmount

yara

yara-x

zsteg

zzuf

Transparent application input fuzzer

acstore

libfsext

mysql-magic

afflib

libfsfat

nrich

afl

libfshfs

oletools

aflplusplus

libfsntfs

openscap

aide

libfsxfs

openscap-daemon

bindiff

libfvde

origami-pdf

brakeman

liblnk

pasco

bulk_extractor

libluksde

pcileech

chkrootkit

libmodi

pdf-parser

cmospwd

libmsiecf

pdfid

dfvfs

libnk2

plaso

dfwinreg

libnsfdb

pytsk

dfxml

libodraw

radamsa

dmitry

libolecf

RdpCacheStitcher

examiner

libpff

readpe

fatback

libphdi

reglookup

foremost

libqcow

regviewer

ftimes

libregf

rifiuti

galleta

libscca

rkhunter

gitleaks

libsmraw

s3tk

hindsight

libvsapm

samhain

honggfuzz

libvsgpt

scalpel

inception

libvshadow

sleuthkit

kjackal

libvslvm

stegoveritas

lazagne

libvsmbr

stigqter

libbde

libwtcdb

tcpxtract

libbfio

log2timeline

unhide

libesedb

lynis

volatility3

libevt

mac-robber

whispers

libevtx

magicrescue

xmount

libewf

make-pdf

yara

libexe

memdump

yara-x

libforensic1394

mvt

zsteg

libfsapfs

mxtract

zzuf

libfsclfs