Please enable JavaScript.
Coggle requires JavaScript to display documents.
Digital Forensics - Coggle Diagram
Digital Forensics
PC
Linux forensics
Memory
https://www.kali.org/tools/memdump/
https://volatilityfoundation.org/
File system
https://www.kali.org/tools/foremost/
https://kali.tools/?p=1804
https://www.kali.org/tools/scalpel/
Mac OS forensics
Tools
Memory
https://volafox-blog.tumblr.com/
https://ponderthebits.com/2017/02/osx-mac-memory-acquisition-and-analysis-using-osxpmem-and-volatility/
Filesystem
https://wiki.sleuthkit.org/index.php?title=TSK_Tool_Overview
Windows forensics
Memory
https://www.toolwar.com/2014/01/dumpit-memory-dump-tools.html
https://volatilityfoundation.org/
File system
https://wiki.sleuthkit.org/index.php?title=TSK_Tool_Overview
https://www.kali.org/tools/scalpel/
Other
Log analysis
Tools
https://www.splunk.com/
https://code.google.com/archive/p/pyflag/
Extra tools
https://awstats.sourceforge.io/
https://ru.wikipedia.org/wiki/Webalizer
Memo analysis
Tools
Dumpit
Saving copy to the memory (RAM)
Volatility
Analysis of memory
Supports Windows & Linux
Volafox
Analysis of memory
Mac OSX & BSD
Mobile forensics
Tools
https://github.com/santoku/Santoku-Linux
https://github.com/nowsecure/android-forensics
https://oxygenforensics.com/en/
Extra tools
https://uk.wikipedia.org/wiki/IBrowse