Malware Forensics:
This branch deals with identifying malicious code (viruses, worms, etc.) and studying its payload.

| Name | Platform | License | Description |
|---|---|---|---|
| Software Tools | | | |
| Wireshark | Windows, macOS, Linux | Open Source | A network protocol analyzer used for network troubleshooting and analysis. |
| Maltego | Windows, macOS, Linux | Commercial | A powerful tool for open-source intelligence and forensics. |
| Autopsy | Windows, macOS, Linux | Open Source | A digital forensics platform and graphical interface to The Sleuth Kit. |
| Volatility | Windows, macOS, Linux | Open Source | An advanced memory forensics framework for analyzing volatile memory. |
| FTK (Forensic Toolkit) | Windows | Commercial | A comprehensive forensic software platform with various analysis tools. |
| EnCase Forensic | Windows | Commercial | A digital forensics software for analyzing electronic evidence. |
| Hardware Tools | | | |
| Tableau Forensic Bridge | Windows, macOS, Linux | Commercial | A hardware write blocker for acquiring forensic images of storage devices. |
| Cellebrite UFED | Windows | Commercial | A mobile forensics solution for data extraction and analysis from mobile devices. |
| Logicube Forensic Dossier | Windows | Commercial | A hardware write blocker and duplicator for forensic data acquisition. |
| Deepspar Disk Imager | Windows | Commercial | A hardware disk imager for efficient and secure data recovery and forensics. |
| Write Protection Devices | Various | Commercial | Devices like WiebeTech Write Blockers to prevent data writes during forensics. |