[DFIR] 도구 모음

Memory / RAM

Belkasoft RAM Capturer

• https://belkasoft.com/ram-capturer

MAGNET Process Capture

• https://www.magnetforensics.com/resources/magnet-process-capture/

MAGNET RAM Capture

• https://www.magnetforensics.com/resources/magnet-ram-capture/

MemProcFS

• https://github.com/ufrisk/MemProcFS

Volatility2

• https://volatilityfoundation.org/

Volatility3

• https://github.com/volatilityfoundation/volatility3

Volatility Workbench - A GUI

• https://www.osforensics.com/tools/volatility-workbench.html

WinPmem

• https://github.com/Velocidex/WinPmem/releases

Mobile

ALEAPP

• https://github.com/abrignoni/ALEAPP

Andriller

• https://github.com/den4uk/andriller

android_triage

• https://github.com/RealityNet/android_triage

APOLLO

• https://github.com/mac4n6/APOLLO

dex2jar

• https://github.com/pxb1988/dex2jar

Googole Analytic Cookie Cruncher

• https://github.com/mdegrazia/Google-Analytic-Cookie-Cruncher

iLEAPP

• https://github.com/abrignoni/iLEAPP

ios_apt

• https://github.com/ydkhatri/mac_apt/blob/master/ios_apt.py

iOS_sysdiagnose_forensics_scripts

• https://github.com/cheeky4n6monkey/iOS_sysdiagnose_forensic_scripts

ios_triage

• https://github.com/RealityNet/ios_triage

iTunes_Backup_reader

• https://github.com/jfarley248/iTunes_Backup_Reader

JADX

• https://github.com/skylot/jadx

java-decompiler/jdgui

• https://github.com/java-decompiler/jd-gui

M.E.A.T.(Mobile Evidence Acquisition Toolkit)

• https://github.com/jfarley248/MEAT