If you are looking for a comprehensive Forensics And Incident Response toolkit, the answer is CAINE (Computer Aided INvestigative Environment).
CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.
CAINE represents fully the spirit of the Open Source philosophy because the project is completely open, everyone could take on the legacy of the previous developer or project manager. The distro is open source, the Windows side is freeware and, the last but not least, the distro is installable, thus giving the opportunity to rebuild it in a new brand version, so giving a long life to this project.
Here you can download the CAINE free ISO image. The ISO fits approx. 3800 MB.
Volatility is a command line memory analysis and forensics tool for extracting artifacts from memory dumps. Volatility Workbench is free, open source and runs in Windows. It provides a number of advantages over the command line version including,
No need of remembering command line parameters.
Storage of the operating system profile, KDBG address and process list with the memory dump, in a .CFG file. When a memory image is re-loaded, this saves a lot of time and avoids the frustration of not knowing the correct profile to select.
Simpler copy & paste.
Simpler printing of paper copies (via right click).
Simpler saving of the dumped information to a file on disk.
A drop down list of available commands and a short description of what the command does.
Time stamping of the commands executed.
Auto-loading the first dump file found in the current folder.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
1 year 24 days
Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
5 months 27 days
This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.