Tag Archives: Incident Response

DataDump – Dump Segments From Logical Device

DataDump is a free tool which allows you to dump segments of data from an original source image or physical/logical device.

Windows Forensic Toolchest (WFT) – Live Response Toolkit

The Windows Forensic Toolchest (WFT) is designed to provide a structured and repeatable automated Live Forensic Response, Incident Response, or Audit.

LogViewer – Tool to View and Search Large Text Files

LogViewer is a tool designed to work with any large text file, so that even very large files can be opened, viewed and searched.

Windows File Analyzer – Forensic File Analysis Tool

Windows File Analyzer is a tool to decode and analyze some special files used by the Windows operating system.

EvidenceMover – Tool to Copy Evidence Between Locations

Nuix EvidenceMover is a tool designed to copy evidence file images from one storage location to another.

Live View – Boot dd images in VMware

Live View is a Java-based graphical forensics tool that creates a VMware virtual machine out of a raw (dd-style) disk image or physical disk.

REGA – Forensic Windows Registry Analyzer

REGA is a forensic tool (GUI application) that performs collection and analysis of Windows registry hives. The tool will automatically search a target computer.