Linux DFIR tools
The Linux operating system is deemed secure by default. While it has a strong core, breaches will happen. With Internet-of-Things and other developments, the number of breaches may even increase further. So it is expected that the demand for digital forensics and incident response (DFIR) will increase as well.
Linux DFIR tools are typically used for digital forensics and incident response.
Users for these tools include forensic specialists.
dfis (DFIR toolkit)
This toolkit of scripts are made by Hal to help in forensic assignments. They make several parts of the job easier, like converting data to another format for further processing.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.