- Passing
- Failing
- Pending
- Unknown / Exempted
Community Package Repository Notification
Your use of the packages on this site means you understand they are not supported or guaranteed in any way. Due to the nature of a public repository and unreliability due to distribution rights, these packages should not be used as is for organizational purposes either. Learn more.
Search for "tag:forensics" Returned 26 Package s
Displaying Results 1 - 26 of 26
-
4,964 Downloads
lnk (Windows shortcut) parser
- By:
- EricRZimmerman
>
-
3,848 Downloads
GUI jumplist parser with Windows 10 support
- By:
- EricRZimmerman
>
-
2,667 Downloads
Fast, multi-threaded file hashing utility
- By:
- EricRZimmerman
>
-
1,831 Downloads
Windows Volume Shadow Copy mounting tool
-
2,981 Downloads
TimeApp displays the current and UTC times with millisecond precision
- By:
- EricRZimmerman
>
-
4,979 Downloads
Amcache.hve parser
- By:
- EricRZimmerman
>
-
1,946 Downloads
The Sleuth Kit® is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. ... Keep Reading
- By:
- DeclanEWilliams
>
-
929 Downloads
Network Forensic Extendable Analysis Tool
-
3,346 Downloads
X-Ways Forensics Installation Manager
- By:
- EricRZimmerman
>
-
3,692 Downloads
geolocate ip addresses in IIS logs
- By:
- EricRZimmerman
>
-
1,608 Downloads
Windows Recycle Bin parser
- By:
- EricRZimmerman
>
-
3,195 Downloads
bstrings is a better strings utility
-
5,667 Downloads
AppCompatCache aka shimcache parser
>
-
2,276 Downloads
GUI SDB parser
- By:
- EricRZimmerman
>
-
4,533 Downloads
Windows prefetch parser
- By:
- EricRZimmerman
>
-
1,532 Downloads
Cutter is a free and open-source reverse engineering framework powered by radare2.
- By:
- GustavoLCR
>
-
143 Downloads
radare2 is a scriptable set of tools and libraries for reverse engineering and forensics.
- By:
- GustavoLCR
>
-
9,697 Downloads
Timeline Explorer allows for viewing a wide range of CSV files such as plaso/log2timeline and fls/mactime generated timelines. It can also... Keep Reading
- By:
- EricRZimmerman
- Tags:
- timeline
- plaso
- fls
- log2timeline
- forensics
>
-
5,474 Downloads
ShellBags Explorer allows for visually viewing and interacting with shell bags found in usrclass.dat and ntuser.dat Registry hives
-
21,845 Downloads
Executes processes in a protected, isolated space, otherwise known as a "sandbox"
-
16,583 Downloads
A single package that installs all my forensic tools
- By:
- EricRZimmerman
>
-
530 Downloads
NetworkMiner (free edition)
-
3,440 Downloads
NTFS MFT parser
- By:
- EricRZimmerman
>
-
7,714 Downloads
Registry Explorer is a Windows Registry analysis tool with a ton of functionality not found anywhere else
- By:
- EricRZimmerman
>
-
30,717 Downloads
Executes processes in a protected, isolated space, otherwise known as a "sandbox"
-
1,021 Downloads
Autopsy is a graphical interface to The Sleuth Kit and other open source digital forensics tools.

Event from
December 1 - December 16 2020
The 12 Days of Chocolatey livestream event may be over, but we've archived all the videos for you to watch again!
Watch on-Demand
Webinar Replay from
Tuesday, 23 June 2020
Chocolatey Central Management now includes the premiere feature of managing endpoints through a Chocolatey-centered solution aka Deployments. We are excited to share what Deployments is all about!
Learn More Watch On-DemandCOVID-19 Resources
Chocolatey Software is working harder than ever to provide solutions and resources for our customers and community. We'll continue to add to this area so check back often.
Find Resources
Chocolatey for Business Feature Video Series
In this video series, come take a tour of the many features available in our Chocolatey for Business offering. Many organizations choose Chocolatey for Business when they want to scale out their solution across thousands of nodes, deploy rapidly and reliably every time, mitigate risks with a greatly-simplified patching workflow, and access a Support Team that will guide you on your automation journey.
Watch the Series
Webinar Replay from
Thursday, 3 December 2020
Chocolatey Central Management's premiere feature of Deployments now can work with schedules, semi-connected environments, and CCM (Chocolatey Central Management) overall has a published API so you can accomplish more, much more. We are excited to share that with you!
Learn More Watch On-Demand
Webinar Replay from
Thursday, 10 December 2020
Together, Ansible and Chocolatey bring faster and more secure deployments to your Windows environments. Use Chocolatey for software/package management and Ansible to automate and guarantee the desired state of your Windows infrastructure, allowing your team to securely deploy applications faster than ever.
Learn More Watch On-Demand