| | Software | OS/Support | Features | Sources |
| | E3 Universal | Window, Linux, macOS, iOS | IoT analysis, cloud data imaging, and analysis, registry analysis, email investigation, JTAG, and chip dump processing | https://paraben.com/digital-forensic-tools-6/ | | WireShark | Windows, Linux, macOS, Solaris | VoIP, GUI, offline analysis, WAN/LAN analyzer | https://www.wireshark.org/ | | Autopsy | Windows, Linux, macOS Android | Registry analysis, LNK file analysis, timeline analysis, file type detection, email analysis | https://www.sleuthkit.org/autopsy/ | | Paladin | Linux | Device cloning support for many forensic image formats: E01, Ex01, RAW, VHD, AFF, disk manager, and automatic logging | https://sumuri.com/software/paladin/ | | Dumpzilla | Unix, Windows | Forensic information extraction from Firefox, SeaMonkey browsers including cookies, bookmarks, web forms, SSL certificates, browser-saved passwords | https://tools.kali.org/forensics/dumpzilla | | SIFT (SANS investigative forensic toolkit) | Linux | File system support, different evidence image format support, rapid scripting, and analysis | https://digital-forensics.sans.org/community/downloads | | Toolsley | Web based | File repairing, text encoding, file identification, file signature verification, binary inspection, CRC tool | https://www.toolsley.com/ | | NetworkMiner | Windows, Linux, macOS X, FreeBSD | Live sniffing, OS fingerprinting, Geo IP localization, DNS whitelisting, audio extraction and playback of VoIP calls, PCAP and PcapNG file parsing | https://sectools.org/tool/networkminer/ | | Elcomsoft | Windows, macOS, iOS | Password recovery, cloud explorer, disk decryption, wireless security auditor | https://www.elcomsoft.co.uk/ | | Belkasoft X | Windows macOS, Linux, iOS, Android, Blackberry | E01/DD imaging, Hash set analysis, registry viewer, plist viewer, artifacts viewer, SQLite viewer | https://belkasoft.com/ |
|
|
