Tools I Use
A curated collection of cybersecurity tools I rely on for malware analysis, digital forensics, and red team operations. Hover over any tool to learn more about how I use it in real-world scenarios.
Digital Forensics
6 tools
AXIOM
Comprehensive forensics platform for extracting, processing, and analyzing evidence from computers, mobile devices, and cloud sources.
EnCase
Industry-standard forensic imaging and analysis tool for acquiring and analyzing disk images and artifacts.
FTK
Forensic Toolkit for processing large disk images, carving files, and performing keyword searches and timeline analysis.
MacQuisition / Digital Collector
Tools for forensic acquisition of macOS and Windows systems (MacQuisition focused on macOS; Digital Collector for live collections).
Paladin
Bootable forensics toolkit used for safe evidence acquisition and live-system triage.
Binalyze
Cloud-enabled platform for remote evidence collection and forensic analysis across distributed endpoints.
EDR / Endpoint Security
2 tools
CrowdStrike Falcon
Cloud-native endpoint protection platform that provides EDR, threat intelligence, and real-time telemetry across large fleets.
SentinelOne
Autonomous endpoint protection platform with prevention, detection, and response capabilities across OS platforms.
Network Security / Firewall
2 tools
FortiGate
Enterprise firewall and network security appliance offering NGFW features, VPN, and traffic inspection.
SonicWall
Firewall and secure remote access solution used in many SMB and enterprise environments.
Mobile Forensics
2 tools
Cellebrite
Mobile device forensics platform for extracting and analyzing data from smartphones and mobile devices.
Oxygen Forensic
Mobile extraction and analysis suite for deep mobile device artifact recovery and timeline analysis.
RMM / Service Management
2 tools
ConnectWise
Remote monitoring and management platform for endpoint management, patching, and support workflows.
ServiceNow
Enterprise service management platform used to track incidents, changes, and remediation workflows.
SIEM / Log Analysis
1 tool
Splunk
Scalable platform for ingesting, searching, and visualizing machine data and logs for security monitoring and investigations.
Search / Log Store
1 tool
Elasticsearch
Distributed search and analytics engine commonly used as a log store and for security telemetry indexing.
Pentest / Offensive Security
1 tool
Pentesting tools (various)
Collection of offensive-security tools and frameworks used for vulnerability discovery and exploitation in assessments.
Want to Learn More?
These tools are just the beginning. I regularly write detailed guides and case studies about using these tools in real-world scenarios.