Your use of the packages on this site means you understand they are not supported or guaranteed in any way. Due to the nature of a public repository and unreliability due to distribution rights, these packages should not be used as is for organizational purposes either. Learn more.
Search for "tag:forensics" Returned 48 Package s
Displaying Results 1 - 30 of 48
- Passing
- Failing
- Pending
- Unknown / Exempted
-
1,260 Downloads
Network Forensic Extendable Analysis Tool
-
4,171 Downloads
Fast, multi-threaded file hashing utility
- By:
- EricRZimmerman
>
-
3,147 Downloads
The Sleuth Kit® is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. ... Keep Reading
- By:
- DeclanEWilliams
>
-
5,504 Downloads
geolocate ip addresses in IIS logs
- By:
- EricRZimmerman
>
-
4,987 Downloads
X-Ways Forensics Installation Manager
- By:
- EricRZimmerman
>
-
3,267 Downloads
Windows Volume Shadow Copy mounting tool
-
4,810 Downloads
bstrings is a better strings utility
-
4,511 Downloads
TimeApp displays the current and UTC times with millisecond precision
- By:
- EricRZimmerman
>
-
8,145 Downloads
ShellBags Explorer allows for visually viewing and interacting with shell bags found in usrclass.dat and ntuser.dat Registry hives
-
8,174 Downloads
AppCompatCache aka shimcache parser
>
-
7,296 Downloads
Amcache.hve parser
- By:
- EricRZimmerman
>
-
2,517 Downloads
Windows Recycle Bin parser
- By:
- EricRZimmerman
>
-
Tool to find metadata and hidden information in documents
- By:
- dgalbraith
>
-
2,335 Downloads
radare2 is a scriptable set of tools and libraries for reverse engineering and forensics.
- By:
- GustavoLCR
>
-
64 Downloads
Tableau Forensic Imager (TIM) is Tableau's free forensic imaging software application.
- Tags:
- tableau-imager
- forensics
- dfir
>
-
33 Downloads
Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing
- Tags:
- autorunner
- autoruns
- forensics
- dfir
>
-
63 Downloads
bulk_extractor is a high-performance digital forensics exploitation tool.
>
-
129 Downloads
A forensic utility for converting data found on desktop and mobile devices into human-readable timestamps.
-
66 Downloads
Fast suspicious file finder for incident response.
>
-
65 Downloads
Extract $MFT record info and log it to a csv file.
-
61 Downloads
Parser for $UsnJrnl on NTFS
>
-
60 Downloads
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
-
90 Downloads
Hibernation Recon extracts forensic data from Windows hibernation files.
- Tags:
- hibernation-recon
- forensics
- dfir
>
-
102 Downloads
Android Logs Events And Protobuf Parser
>
-
288 Downloads
Arsenal Image Mounter mounts the contents of disk images as complete disks in Microsoft Windows.
- Tags:
- arsenalimagemounter
- forensics
- dfir
>
-
100 Downloads
Web browser forensics for Google Chrome/Chromium
-
73 Downloads
Parser for $LogFile on NTFS
>
-
106 Downloads
iOS Logs, Events, And Plists Parser
-
104 Downloads
Simple IOC and Incident Response Scanner
>
-
161 Downloads
FullEventLogView displays the details of all events from the event log of Windows (Including the event description).
- Tags:
- fulleventlogview
- event
- log
- forensics
- dfir
>

Join the Chocolatey Team on our regular monthly stream where we discuss all things Community, what we do, how you can get involved and answer your Chocolatey questions.

Join the Chocolatey Team on our regular monthly stream where we put a spotlight on the most recent Chocolatey product releases. You'll have a chance to have your questions answered in a live Ask Me Anything format.

Livestream from
Thursday, 06 October 2022
We recently released our largest update to Chocolatey Central Management so far. Join Gary and Steph to find out more about Chocolatey Central Management and the new features and fixes we've added to this release.
Watch On-Demand
Webinar Replay from
Wednesday, 30 March 2022
At Chocolatey Software we strive for simple, and teaching others. Let us teach you just how simple it could be to keep your 3rd party applications updated across your devices, all with Intune!
Watch On-Demand
Livestream from
Thursday, 9 June 2022
Join James and Josh to show you how you can get the Chocolatey For Business recommended infrastructure and workflow, created, in Azure, in around 20 minutes.
Watch On-Demand
Livestream from
Thursday, 04 August 2022
Join Paul and Gary to hear more about the plans for the Chocolatey CLI in the not so distant future. We'll talk about some cool new features, long term asks from Customers and Community and how you can get involved!
Watch On-Demand
Livestreams from
October 2022
For Hacktoberfest, Chocolatey ran a livestream every Tuesday! Re-watch Cory, James, Gary, and Rain as they share knowledge on how to contribute to open-source projects such as Chocolatey CLI.
Watch On-Demand
Livestream from
Thursday, 03 November 2022
Join Paul and Gary for this months Chocolatey product livestream where we look at the latest release of Chocolatey 1.2.0, Chocolatey Licensed Extension 5.0.0 and shine a spotlight on the new hook scripts functionality. This opens up so many possibilities for Chocolatey CLI users!
Watch On-Demand
Livestream from
Tuesday, 29 November 2022
Join Josh as he adds the ability to manage Chocolatey GUI config and features with the Chocolatey Ansible Collection.
Watch On-Demand
Webinar from
Tuesday, 13 December 2022
Join Gary, Paul, and Maurice as they introduce and demonstrate how to use Chocolatey! Questions will be answered live in an Ask Me Anything format.
Watch On-Demand