- Windows Registry Recovery:https://www.mitec.cz/wrr.html
- X-Ways Forensics:http://www.x-ways.net/forensics/index-c.html
- Magnet AXIOM:
- LogFileParser:https://github.com/jschicht/LogFileParser
- dfir_ntfs:https://github.com/msuhanov/dfir_ntfs/archive/1.0.9.tar.gz
- Forensic Disk Decryptor:https://cn.elcomsoft.com/efdd.html
- DiskGenius:https://www.diskgenius.cn/
- volatility:https://github.com/volatilityfoundation/volatility
- AccessData FTK Imager:
若有收获,就点个赞吧
0 人点赞
