The app-forensics category contains software which helps detect and analyse security breaches.
Package | Description |
---|---|
afflib | Library that implements the AFF image standard |
afl | american fuzzy lop - compile-time instrumentation fuzzer |
aide | AIDE (Advanced Intrusion Detection Environment) is a file integrity checker |
air | A GUI front-end to dd/dc3dd |
chkrootkit | Tool to locally check for signs of a rootkit |
cmospwd | CmosPwd decrypts passwords stored in CMOS used to access BIOS SETUP |
dfxml | Digital Forensics XML |
examiner | Utilizes the objdump command to disassemble and comment foreign binaries |
foremost | A console program to recover files based on their headers and footers |
galleta | IE Cookie Parser |
honggfuzz | A general purpose fuzzer with feedback support |
libewf | Implementation of the EWF (SMART and EnCase) image format |
lynis | Security and system auditing tool |
mac-robber | mac-robber is a digital forensics and incident response tool that collects data |
magicrescue | Find deleted files in block devices |
memdump | Simple memory dumper for UNIX-Like systems |
openscap | Framework which enables integration with Security Content Automation Protocol |
ovaldi | Free implementation of OVAL |
pasco | IE Activity Parser |
quickfuzz | An experimental grammar fuzzer in Haskell using QuickCheck |
radamsa | A general purpose fuzzer |
rifiuti | Recycle Bin Analyzer |
rkhunter | Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers |
scalpel | A high performance file carver |
sleuthkit | A collection of file system and media management forensic analysis tools |
unhide | A forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs |
volatility | Framework for analyzing volatile memory |
yasat | Security and system auditing tool |
zzuf | Transparent application input fuzzer |