# Acquisition and Analysis ### Active Disk Editor Website: Description: File / Disk Editor and Template Manager\ Author: LSoft Technologies\ License: Version: 23.0.1\ Notes: ### Arsenal Image Mounter Website: Description: Forensic Image Mounter\ Author: Arsenal Recon\ License: Version: 3.10.262\ Notes: ### Autopsy Website: Description: GUI based application for image analysis\ Author: Brian Carrier / Basis Technology\ License: Apache 2.0 ( Version: 4.21.0\ Notes: ### Elcomsoft Forensic Disk Decryptor Website: Description: Tool for decrypting disks or extracting encryption keys from memory\ Author: Elcomsoft\ License: EULA ( Version: 2.20.1011.6893\ Notes: Available, but not installed by default ### FEX Imager Website: Description: Physical and Logical Imaging Tool\ Author: GetData Forensics\ License: Free\ Version: 2.2.1.283\ Notes: ### FEX Memory Imager Website: Description: Memory Acquisition Tool\ Author: GetData Forensics\ License: Free\ Version: 1.10\ Notes: ### fit - Freezing Internet Tool Website: Description: Tool to forensically acquire web-based content like emails, social media, etc.\ Author: License: GNU General Public License v3 ( Version: 1.2.0\ Notes: Requires npcap ### FTK Imager Website: Description: Forensic Image Acquisition and Triage tool\ Author: Exterro Inc / AccessData\ License: EULA\ Version: 4.7.1.2\ Notes: ### Magnet Acquire Website: Description: Evidence Acquisition tool\ Author: Jad Saliba - Magnet Forensics\ License: EULA\ Version: 2.68.0.36478\ Notes: ### Magnet AXIOM Website: Description: Evidence Acquisition and Analysis toolset\ Author: Jad Saliba - Magnet Forensics\ License: EULA\ Version: 6.11.0.34807\ Notes: ### Magnet Chromebook Acquisition Website: Description: Evidence Acquisition for Chromebook\ Author: Jad Saliba - Magnet Forensics\ License: EULA\ Version: 1.06\ Notes: ### Magnet DumpIt Website: Description: Windows Memory Dump tools from Comae / Magnet\ Author: Magnet Forensics\ License: EULA\ Version: 20230117\ Notes: ### Magnet RAM Capture (MRC) Website: Description: Windows memory capture utility\ Author: Magnet Forensics\ License: EULA\ Version: 1.2.0\ Notes: ### Magnet RESPONSE Website: Description: Tool to collect data relevant to incident response investigations\ Author: Magnet Forensics\ License: EULA\ Version: 1.70\ Notes: ### OSFMount Website: Description: Drive / Disk / Image mounting tool\ Category: Acquisition and Analysis\ Author: PassMark\ License: Free (EULA, contained in software)\ Version: 3.1\ Notes: ### Pilfer Website: Description: Rapid triage tool using Windows in-built binaries\ Author: Corey Forman (digitalsleuth)\ License: GNU General Public License v3 ( Version: 3.1\ Notes: ### plaso (super timeline all the things) Website: Description: Python 3 tool to generate a timeline of all artifacts\ Author: License: Apache License v2 ( Version: 20230717\ Notes: log2timeline.py, psort.py, psteal.py ### Tableau Imager Website: Description: Disk / Device Imager\ Author: OpenText\ License: EULA\ Version: 20.3.3\ Notes: ### winpmem Website: Description: Memory Acquisition Tool\ Author: Mike Cohen (scudette)\ License: Apache License v2 ( Version: 4.0.rc2\ Notes: ### X-Ways Forensics Website: Description: Forensic Analysis Software\ Author: Stefan Fleischmann\ License: License Dependent - Version: 20.9 SR-3 x64\ Notes: ### X-Ways Forensics Templates Website: Description: Templates for X-Ways Templates\ Author: Community Driven (multiple authors)\ License:\ Version: 0.0.2\ Notes: