Linux DFIR tools
The Linux operating system is deemed secure by default. While it has a strong core, breaches will happen. With the Internet of Things and other developments, the number of breaches may even increase further, so the demand for digital forensics and incident response (DFIR) is expected to increase as well.
Linux DFIR tools are typically used for digital forensics and incident response.
Users of these tools include forensic specialists.
Popular Linux DFIR tools
Volatility (memory forensics framework)
Volatile memory framework used for forensics and analysis purposes. The framework is written in Python and runs on almost all platforms.