DON’T RELY ON A TOOL UNTIL YOU KNOW WHAT IT’S DOING.
Forensics Community Sites
- Forensic Focus
Forensics News, Information and Community.
- Computer Forensics World
A Community of Computer Forensics Professionals.
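Skills Top-Up Station
- Python & Forensic
- XLS file analysis
- Trace lookup
- Awesome Forensics
- Guide to Windows 7 Scripting and Command-Line Tools
- Microsoft Computer Dictionary, English-Chinese Bilingual Edition, 5th Edition
- Digital Forensics Mind Map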
Toolset:
- Visual Studio 2008 Simplified Chinese (official release)
- Imaging without disassembling the machine
WinFE
- Packer detection tools
Detect it Easy(DIE)
Exeinfo PE
- Debugging tools
OllyDbg
- Lantern
- File transfer tools
WinSCP
Xshell
Python -m SimpleHTTPServer
- VMFS image mounting tool
UFS Explorer Professional Recovery
- Text editor: EmEditor
- Linux forensic distributions
Helix
- Advanced Office Password Recovery
- File search tool
FileSeek
- Database log analysis tool
ApexSql Log 2018
- SQLite database file viewer
DB Browser for SQLite
- SQLite database file recovery tool
SQLite Forensic Explorer
SQLite error "The database disk image is malformed": this can be resolved!
- Duplicate file cleanup tool
CloneSpy
- NT boot auto-repair tool (scenario: XP and Win7 dual boot, but only one system appears in the boot menu)
NTBOOTautofix
[1] Key viewer
[2] pyvmx-cracker : this tool aims to crack VMX encryption passwords.
[3] Bandicam