# Forensics

### General tools

* Autopsy - <http://www.sleuthkit.org/autopsy/>
* The Sleuth Kit - <http://www.sleuthkit.org/sleuthkit/desc.php>
* Cyber Triage - <https://www.cybertriage.com/>
* FTK Forensic Toolkit - <https://www.exterro.com/forensic-toolkit>
* FTK Imager - <https://www.exterro.com/ftk-imager>
  <https://go.exterro.com/l/43312/ccessData-FTK-Imager-4-7-1-exe/f6h77h>
* Elcomsoft Encrypted Disk Hunter - <https://www.elcomsoft.com/download/eedh.zip>
* Magnet Axiom Cyber - <https://www.magnetforensics.com/products/magnet-axiom-cyber/>
* Magnet Acquire - <https://www.magnetforensics.com/resources/magnet-acquire/>
* Magnet Encrypted Disk Detector - <https://www.magnetforensics.com/resources/encrypted-diskdetector/>
* Magnet Web Page Saver - <https://www.magnetforensics.com/resources/web-page-saver/>
* Velociraptor - <https://github.com/Velocidex/velociraptor>
* USB Detective - <https://usbdetective.com/community-download/>
* Bulk Extractor - <https://github.com/simsong/bulk_extractor>
* LEAF (Linux Evidence Acquisition Framework) - <https://github.com/alex-cart/LEAF>
* PARABEN SOFTWARE - <https://paraben.com/digital-investigation-tools/>
* GRR Rapid Response - <https://github.com/google/grr>
* MIG (real-time investigation tool) - <https://github.com/mozilla/mig>

### Forensics-oriented Linux distributions

* CAINE Linux Forensic - <https://www.caine-live.net/>
* DEFT Linux Forensic - <http://iso.linuxquestions.org/deft-linux/>
* TSURUGI Linux Forensic - <https://tsurugi-linux.org/>
* KALI Linux Forensic Mode - <https://www.kali.org/docs/general-use/kali-linux-forensics-mode/>
* CSI Linux - <https://csilinux.com/download.html>
* PALADIN Linux - <https://sumuri.com/software/paladin/>
* SECURITY ONION Linux - <https://sumuri.com/software/paladin/>

### RAM tools

* Magnet RAM Capture - <https://www.magnetforensics.com/resources/magnet-ram-capture/>
* Magnet Process Capture - <https://www.magnetforensics.com/resources/magnet-process-capture/>
* Volatility Memory Forensic - <https://www.volatilityfoundation.org/releases>
* Volatility 3 - <https://github.com/volatilityfoundation/volatility3>
* Belkasoft RAM Capture - <https://belkasoft.com/ram-capturer>
* SuperMEM (Python script) - <https://github.com/CrowdStrike/SuperMem>

### Mobile forensics tools

* Cellebrite UFED - <https://cellebrite.com/en/ufed-ultimate/>
* Oxygen Forensic Suite - <https://www.oxygen-forensic.com/es/products/oxygen-forensic-kit>
* MOBILedit Forensic - <https://www.mobiledit.com/downloads>
* Elcomsoft iOS Forensic Toolkit - <https://www.elcomsoft.com/eift.html>
* AFLogical OSE - <https://github.com/nowsecure/android-forensics>
* Open Source Android Forensics - <http://iyfbodn.com/?dn=osafcommunity.org&pid=9POT3387I&pbsubid=58dd4f67-5cbc-00d4-3572-af52fa162d31&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dosafcommunity.org%26skipskenzo%3Dtrue>
* Andriller CE - <https://github.com/den4uk/andriller>
* Mobile Verification Toolkit - <https://github.com/mvt-project/mvt>
* Belkasoft Mobile Data Acquisition - <https://belkasoft.com/mobile_acquisition>
* Msab XRY Suite - <https://www.msab.com/>

### Resources and reference links

* <https://github.com/mikeroyal/Digital-Forensics-Guide>

![Credit: @sansforensics](/files/eWwkCQxCq3Q6RcFdIbxU)

