Our Members:

Online Resources


Cell Phone Research Sites


Chrome Artifacts

Chrome Cache Viewer extracts information from the browser's cache.

Chrome Cookie Viewer extract information from chrome cookies.

Chrome Pass extracts passwords from the Chrome browser.


Complaints

If you have been the victimized using any form of communications device you can file a complaint with the Federal Communications Commission.


Date/Time Stamps

Decode converts date and time stamps into different formats.


Domain Research

Online Research Tool - website resource tool and other information
GEO IP Lookup Tool - this can trace multiple IP addresses to a particular location.
GEO IP Lookup Tool

- this can trace a single IP address to a particular location.


File Archiving Program

Data Backups is critical to provide your information. Breakpoint Forensics tool has a solution with the PacknHash auto archiver.




File Research Tool

File Info: shows information about file extensions.


Firefox Browser Tools

Mozilla Cache Viewer extracts cache information from the firefox web browser.

MZ Cookie Viewer extracts cookie information from the Firefox SQLite database.

MZ History Viewer extracts information from the firefox browser history.

Password Fox extracts passwords from the firefox web browser.


Forensic Images

California Poly Test images


Computer Forensic Reference DataSet Portal contains a series of computer forensics images for testing or digital forensics tool testing.


DC3DD is another version of the dd command. 


DCFLDD s a version of the dd command that has incorporated additional features 


Digital Corpora provides free computer forensic images, memory dumps and packet captures.


Enron email dataThis dataset contains data from about 150 users, mostly senior management of Enron, organized into folders. It contains a total of about 0.5M messages originally made public, and posted to the web, by the Federal Energy Regulatory Commission.


Mini-WinFE is a bootable Windows GUI for forensics.


Forensics Software

Axiom is a GUI based Windows forensics tool.


Encase Forensics - this was one of the very first GUI based Windows Forensics tool.


FEX Imager is a free forensic imaging tool.


Forensic Explorer is a paid computer forensics analysis tool.


Forensic Tool Kit - originally created by Access Data is a GUI based Windows Forensics tool.


Mount Image Pro - allows the mounting of forensic images as a local drive letter.


The Paladin software - This is a great forensics resource for a bootable USB stick.  It's free, but they request a donation.

Instructions for USB configuration can be found here.




X-Ways was created by Stefan Fleischmann


Hardware

Many different computer components from Seeedstuido.


Hash Calculator

Jumsum is a great free hash calculator, which can create a wide range of hash values.


Hex editor

Hexed is a simple and easy to use browser based hex editor.


Internet Explorer

Internet Explorer Cache Viewer extracts Microsoft Internet Explorer cache.


JTAG Resource Sites


Licensing

Private Investigator Licensing by State

Many states require a private investigator license in order to collect and/or process digital evidence.  The above link is provided by Mike Kessler.



Prefetch Tools

Winprefetch Viewer extracts prefetch information from the windows operating system.


Memory Analysis

Dump file converts dumps are in a propriety format and must be converted for other tools to read the data properly.

DumpIt extracts data from a system's memory.

FTK Imager provides a command line and graphical user interface to extract a system's memory 

Volatility is a comprehensive memory analysis tool. 

VOLIX II is a graphical user interface for Violatility. 


NTFS Information

If you would like to know more about the NTFS, this page provides some great information.


Rainbow Tables

LoftCraft - Tables: provides the ability to wash hashes through rainbow tables and decrypt passwords.


Security Code Bypass

Remote Pin codes: swipe pattern matches on Cell phones and other mobile devices.


Text Editors

Notepad ++ is a very robust text editing program with many advanced features.


Timeline Analysis and Creation

Log 2 Timeline extracts a system’s timeline information into a plaso database.


Aeon Timeline creates timelines.

Plaso provides a Python backend for the log2timeline tool.

Timeline Explorer creates a timeline.

Timeline Maker Pro extracts timeline information.

Time Sketch creates timelines. 


Thumbnail Cache

ESEDatabaseView provides more information about how Thumbnails created.


Thumbcache Viewer is a great tool to view thumbnail cache information.


Webpage Scanners and Research


Abuse IPDB: shows reports for domains and ip addresses.


Any.run: checks webpages and files for reports of malicious behavior


Clean Talk: shows spam activity reported from webpages and ip addresses.


Hybrid Analysis: checks webpages and files for reports of malicious behavior.


Joe Sandbox: checks websites and files for reports of malicious behavior.


Netcraft: shows general website information along with owner information for domains.


Palo Alto URL Filtering: shows how Pal Alto rates a domain.


Talso Reputation Center: shows how Cisco rates a domain, whether it's been reported.


URL Scan: safety connects to webpages and shows results.


Virus Total:   checks files and webpages for reports of malicious behavior.


Windows Event Log

The recommended Windows Event log recommendations by Microsoft.



Latest News

Recent forum updates

Tuesday, December 27, 2022 7:52 PM • Janet Smith
MTF
Wednesday, December 14, 2022 8:13 PM • David Benton
Wednesday, December 14, 2022 7:19 PM • Janet Smith

CONTACT US


The American Society of

     Digital Forensics & eDiscovery, Inc®

      For Digital Evidence Experts™

      2451 Cumberland Parkway, Suite 3382 

     Atlanta, GA 30339-6157

     (404) 919-1143


CONTACT  US




ABOUT

BENEFITS

BY-LAWS

CALENDAR

CONTACT

DONATE

LEADERSHIP

PRIVACY

TERMS


Copyright 2024

All Rights Reserved

Powered by Wild Apricot Membership Software