# Raw Parsers / Decoders

### Bulk Extractor

Website: <https://digitalcorpora.org/downloads/bulk\\_extractor> & <https://github.com/simsong/bulk\\_extractor\\>
Description: Tool for extracting artifacts from random data\
Author: Simson L. Garfinkel\
License: MIT License (<https://github.com/simsong/bulk\\_extractor/blob/main/LICENSE.md)\\>
Version: 1.5.5\
Notes:

### Cyberchef

Website: <https://github.com/gchq/cyberchef\\>
Description: Web app for encryption, encoding, compression and data analysis\
Author: GCHQ\
License: Apache License v2.0 (<https://github.com/gchq/CyberChef/blob/master/LICENSE)\\>
Version: 10.5.2\
Notes:

### Data Dump

Website: <https://www.digital-detective.net/datadump/\\>
Description: Tool to extract segments of data from an image or device\
Author: Craig Wilson (<https://www.digital-detective.net)\\>
License:\
Version: 2.2.23081.23\
Notes: x86

### DCode

Website: <https://www.digital-detective.net/dcode\\>
Description: Timestamp encoder/decoder\
Author: Craig Wilson (<https://www.digital-detective.net)\\>
License:\
Version: 5.5.21194.40\
Notes:

### Hex Editor Neo (Free)

Website: <https://www.hhdsoftware.com\\>
Description: Hex Editor\
Author: HHD Software\
License: EULA (<https://www.hhdsoftware.com/company/terms-of-use)\\>
Version: 7.37.00.8578\
Notes:

### HxD

Website: <https://mh-nexus.de\\>
Description: Hex Editor\
Author: Mael Horz\
License: <https://mh-nexus.de/en/about.php\\>
Version: 2.5.0.0\
Notes:

### iptools

Website: <https://github.com/digitalsleuth/forensics\\_tools\\>
Description: IP / Hex / Dec Conversion tool\
Author: Corey Forman\
License: GNU General Public License v3.0 (<https://github.com/digitalsleuth/forensics\\_tools/blob/master/LICENSE)\\>
Version: 1.1\
Notes:

### MemProcFS

Website: <https://github.com/ufrisk/MemProcFS\\>
Description: Memory Process File System\
Author: Ulf Frisk\
License: GNU Affero GPL v3.0 - <https://github.com/ufrisk/MemProcFS/blob/master/LICENSE\\>
Version: 5.8.7\
Notes:

### Passware Encryption Analyzer

Website: <https://www.passware.com\\>
Description: Encryption detection tool for various file types\
Author: Passware - Dmitry Sumin\
License: EULA (<https://support.passware.com/hc/en-us/articles/221742768-What-are-the-terms-of-the-end-user-license-agreement-for-Passware-software-)\\>
Version: 2023.3.1.3695\
Notes:

### photorec / testdisk

Website: <https://www.cgsecurity.org/\\>
Description: Raw data parsing tool\
Author: Christophe Grenier\
License: GNU General Public License v2.0 (<https://git.cgsecurity.org/cgit/testdisk/tree/COPYING)\\>
Version: 7.1\
Notes:

### pyson4

Website: <https://github.com/digitalsleuth/pyson4\\>
Description: A jsonlz4 file parser for Firefox\
Author: Corey Forman\
License: GNU General Public License v3 (<https://github.com/digitalsleuth/pyson4/blob/master/LICENSE)\\>
Version: 1.1\
Notes: pyson4, pyson4.py

### smi-parser

Website: <https://github.com/digitalsleuth/smi-parser\\>
Description: Parses Caroolive SMI GPS files\
Author: Corey Forman\
License: GNU General Public License v3.0 (<https://github.com/digitalsleuth/smi-parser/blob/main/LICENSE)\\>
Version: 1.1.0\
Notes: Available, but not installed by default

### synchrony

Website: <https://github.com/relative/synchrony\\>
Description: Javascript Cleaner and Deobfuscator\
Author: relative\
License: GNU General Public License v3 (<https://github.com/relative/synchrony/blob/master/LICENSE.md)\\>
Version: 2.4.2\
Notes: Requires nodejs to install, command is 'synchrony'

### time-decode

Website: <https://github.com/digitalsleuth/time\\_decode\\>
Description: Python timestamp encode / decode utility\
Author: Corey Forman\
License: MIT License (<https://github.com/digitalsleuth/time\\_decode/blob/master/LICENSE)\\>
Version: 4.2\
Notes:

### yara-python

Website: <https://github.com/VirusTotal/yara-python\\>
Description: Analyze files by generating rules around data to be found\
Author: Victor M. Alvarez (plusvic)\
License: Apache License v2.0 (<https://github.com/VirusTotal/yara-python/blob/master/LICENSE)\\>
Version: 4.2.3\
Notes: