Rocheston Aina

The Aina Assistant can answer your forensic questions in real-time:

“What processes were injected in this memory dump?”

“Show me connections between this IP and the suspect email.”

“Generate a timeline of all activities linked to this user.”

“Analyze this malware sample and summarize its behavior.”

Rocheston Fire with Aina transforms the way investigators work. It combines the precision of forensic tools with the intelligence of AI, creating a dynamic investigative environment that is faster, more accurate, and more intuitive than ever before.

With Aina embedded directly within Rocheston Fire, every investigation becomes a conversation with your AI partner — guiding, assisting, and automating the heavy lifting so you can focus on solving the crime.

Welcome to the future of digital forensics. Rocheston Fire: Where AI meets investigation.

Rocheston Fire – AI-Powered Cybercrime Investigation Platform

Rocheston Fire is not just another digital forensics operating system — it is an intelligent AI-powered cybercrime investigation platform. At its core lies Aina, Rocheston’s advanced artificial intelligence engine that works side-by-side with investigators, automating the most complex parts of the digital investigation process.

Aina uses machine learning, natural language processing, and data correlation algorithms to analyze massive amounts of forensic evidence in seconds. It helps you detect anomalies, connect hidden patterns, identify malicious behaviors, and even predict attacker intent. What once took hours of manual log correlation or memory analysis can now be done almost instantly with Aina’s assistance.

Using AI-driven reasoning, Aina automatically interprets registry data, file timelines, and network logs to reconstruct the story behind a breach. It learns from your cases, becoming smarter over time, offering context-aware insights that improve with every investigation.

Rocheston Fire – The Ultimate Cybercrime Investigation Operating System

Rocheston Fire is the most powerful and complete digital forensics and cybercrime investigation operating system ever created. Built from the ground up by Rocheston, it powers the Rocheston Certified Cybercrime Investigator (RCCI) program and redefines how digital evidence is collected, analyzed, and reported.

This is not just an OS—it is a complete investigation ecosystem designed for cybercrime investigators, law enforcement professionals, and cybersecurity experts.

Download the virtual appliance, boot it up, and start investigating. It’s that simple. Visit cyberlaws.rocheston.com and get started today.

Rocheston Fire unifies every major domain of cyber forensics into one intuitive platform:

Imaging and Evidence Acquisition
Hash and Integrity Verification
Disk and Partition Mounting
Timeline and Event Reconstruction
Artifact and Metadata Analysis
File and Data Recovery
Memory Forensics and Volatility Analysis
Malware Disassembly and Reverse Engineering
Password Recovery and Cracking
Network Packet Analysis and Intrusion Tracing
Picture and Multimedia Forensics
Mobile Device Examination (Android/iOS/BlackBerry)
Open Source Intelligence (OSINT) Collection
Cloud and Virtual Environment Forensics
Cryptocurrency Wallet and Transaction Tracing
•Secure Reporting and Case Documentation

IMAGING

Rocheston Fire provides enterprise-grade imaging and cloning utilities that ensure forensic soundness. Investigators can acquire bit-for-bit copies of disks, partitions, USB drives, or mobile devices using Cyclone, dc3dd, ewfacquire, FTK Imager, Guymager, and many more. Imaging integrity is verified instantly with cryptographic hash comparison tools.

HASH

Built-in hash verification tools including GtkHash, QuickHash, Hash Buster, and rahash2 allow investigators to confirm data integrity across MD5, SHA1, SHA256, SHA512, and custom algorithms. Rocheston Fire also includes fuzzy hash systems such as ssdeep and tlsh for similarity matching of partially modified files.

MOUNT

Fire allows seamless mounting of forensic images, including EWF, AFF, and RAW. Investigators can decrypt and mount BitLocker volumes using dislocker, or open VeraCrypt and ZuluCrypt containers. Cloud disks, APFS, NTFS, FAT, BTRFS, XFS, and ZFS are all supported natively.

TIMELINE

Reconstruct entire system timelines with Plaso, Timesketch, and Sleuth Kit utilities. Investigators can correlate registry modifications, log entries, browser history, and file system changes into a single chronological narrative of events leading to a breach or compromise.

ARTIFACTS ANALYSIS

Rocheston Fire excels at artifact extraction across Windows, macOS, Linux, and mobile platforms. Analyze registry hives, browser history, prefetch data, email archives, and system logs with advanced tools like RegRipper, Chainsaw, Evtxtract, Autopsy, and The Sleuth Kit.

DATA RECOVERY

Recover deleted or corrupted files using TestDisk, PhotoRec, Scalpel, and Foremost. Specialized modules rebuild broken partitions and reconstruct fragmented files even from failing storage media.

MEMORY FORENSICS

With Volatility3, Beagle, and avml, Rocheston Fire enables live memory capture, decryption key extraction, and malware process identification. Investigators can uncover rootkits, process injections, and in-memory artifacts missed by standard disk analysis.

MALWARE ANALYSIS

Analyze and dissect malware samples safely within sandboxed environments. Tools like Radare2, Cutter, YARA, ClamAV, and CyberChef allow static and dynamic examination of executables, macros, PDFs, and network payloads. Reverse-engineer obfuscated binaries, extract embedded code, and identify indicators of compromise.

PASSWORD RECOVERY

Rocheston Fire integrates the most extensive suite of password cracking and recovery utilities available: John the Ripper, Hashcat, Aircrack-ng, Ophcrack, BTCrecover, and PDFCrack. Both offline and online brute-force utilities are optimized for GPU acceleration.

NETWORK ANALYSIS

From capturing packets to reconstructing entire network sessions, Rocheston Fire provides Zeek, Suricata, Wireshark, Ettercap, Masscan, Nmap, and ReconSpider. Investigators can trace attacker movements, identify command-and-control servers, and analyze encrypted traffic streams.

PICTURE ANALYSIS

For image and steganography investigation, tools like Exiftool, Depix, Sherloq, StegHide, and ForensicPlate enable extraction of metadata, detection of hidden content, and comparison of digital fingerprints.

MOBILE FORENSICS

Rocheston Fire supports forensic examination of Android, iOS, and BlackBerry devices. Using Andriller, iLEAPP, WhatsApp Key Extractor, Telegram Dump, and iOS triage tools, investigators can extract messages, call logs, app data, and encrypted backups with precision.

OSINT

Gather intelligence from the open web with Spiderfoot, Maltego, The Harvester, ReconDog, and GHunt. Fire includes automated scraping modules for email, domain, IP, and social media analysis, helping investigators link identities, map infrastructures, and uncover hidden relationships.

CLOUD ANALYSIS

With AWS IR, ScoutSuite, and CloudForensics tools, Rocheston Fire can analyze virtual environments and cloud infrastructures. Investigators can examine S3 buckets, EC2 metadata, IAM policies, and virtual machine snapshots to trace malicious activities.

VIRTUAL FORENSICS

Fire integrates support for virtual disk images and containers. Analyze VMware VMDK, Hyper-V, and Docker artifacts using vmdkmount, docker-explorer, and QEMU tools.

CRYPTOCURRENCY

Investigate blockchain transactions and crypto wallets using BTCrecover, Bitcoin-Tool, Electrum, and PyWallet. Detect laundering activities, recover lost wallet keys, and correlate wallet addresses with suspects.

OTHER TOOLS

Rocheston Fire includes a complete arsenal of auxiliary utilities for NFC analysis, secure deletion, USB device tracking, and audit logging. Investigators can securely wipe media, inspect smart cards, or trace USB connections using USBGuard and usbrip.

REPORTING

Document your entire investigation with built-in reporting and note-taking tools like CherryTree, Aurora, Zim Wiki, and wkhtmltopdf. Generate professional-grade forensic reports with embedded screenshots, hash logs, and timelines ready for courtroom presentation.

WHY ROHESTON FIRE

Rocheston Fire is not just another forensic Linux distribution. It’s a unified investigative framework designed for the future of cybercrime response. Every command, GUI tool, and plugin has been carefully curated, tested, and preconfigured for reliability and precision.

With Rocheston Fire, investigators don’t just analyze evidence—they uncover truth.

Start your digital investigation journey today. Download Rocheston Fire from cyberlaws.rocheston.com and ignite your investigation.

Rocheston Fire Screenshots

List of Tools in Rocheston Fire

IMAGING

Cyclone
dc3dd
dcfldd
dd
dd_rescue
ddrescue
DDRescue-GUI
ewfacquire
ewfacquirestream
ftkimager
guymager
OTHER TOOLS

AFF
affcat
affcompare
affconvert
affcopy
affcrypto
affdiskprint
affinfo
affix
affrecover
affsegment
affsign
affstats
affverify
affxml
EWF
ewfdebug
ewfexport
ewfinfo
ewfrecover
ewfverify
RAW
dd BufferSize Calculator
ddrescuelog
ddrescueview
ccd2iso
dmde
tableau-parm
HASH

GtkHash
Hash Buster
hashboy
hashid
md5sum
MurMurHash
OpenTimestamps
ots-git-gpg-wrapper
pehash
QuickHash
rahash2
search-that-hash
sha1sum
sha224sum
sha256sum
sha384sum
sha512sum
simhash

FUZZY HASH
hashdeep
md5deep
sha1deep
sha256deep
ssdeep
tigerdeep
tlsh_unittest
whirpooldeep
MOUNT

cryptmount
cryptmount-setup
disktype
fdisk
ideviceimagemounter
mmls
udisksctl
vblade
vbladed
yarp-mount
VeraCrypt CLI
VeraCrypt GUI
ZuluCrypt
ZuluMount
affuse
apfs-fuse
ewfmount
fsapfsmount
fusermount
imount
mount
kpartx
thumbtack
xmount
--
Disk Image Mounter
MATE Disk Image Mounter

BITLOCKER
bdeinfo
bdemount
dislocker
dislocker-bek
dislocker-file
dislocker-find
dislocker-fuse
dislocker-metadata
CLOUD
aws_cli
aws_ir
aws_respond
cloudforensics
curryfinger
ec2metadata
enumerate-iam
growpart
margaritashotgun
s3fs
SimpleS3Scanner
ScoutSuite
sshfs
vcs-run
SHADOW COPY
image_export
vsc_mount
vshadowdebug
vshadowinfo
vshadowmount
VIRTUAL
snapper
snapper GUI
vmdkinfo
vmdkmount
OTHER TOOLS
cryptmount
cryptmount-setup
disktype
fdisk
ideviceimagemounter
mmls
udiskctl
vblade
vbladed
yarp-mount
Veracrypt CLI
Veracrypt GUI
zuluCrypt
zuluMount
TIMELINE

PLASO
pinfo
psort
psteal
Timesketch Launcher
ADD new Timesketch User
glogg
mactime
reglookup-timeline
Velociraptor
yarp-timeline
THE SLEUTH KIT
Autopsy
blkcalc
blkcat
blkls
blkstat
fcat
ffind
fiwalk
fls
fsstat
hfind
icat
ifind
ils
img_cat
img_stat
istat
jcat
jls
jpeg_extract
mactime
mmcat
mmls
mmstat
sigfind
sorter
srch_strings
tsk_comparedir
tsk_gettimes
tsk_loaddb
tsk_recover
usnjls
image_export
mactime
ARTIFACTS ANALYSIS

APPLE/MAC
automactc
ds_store
plistutil
BOOT CODE
UEFITool
UEFIPatch
UEFIReplace
BROWSER
galleta
hstsparser
pasco
EMAIL
dmitry
email2png
emlAnalyzer
emldump
h8mail
grepmail
lspst
Mail Header Analyzer
MHonArc
mha-decode
mha-dbedit
mha-dbrecover
pffexport
pffinfo
pst2dii
pst2ldif
readpst
tnef
urlscan
FILE SYSTEM
APFS
apfs-dump
apfs-dump-quick
apfs-fuse
apfs-fuse
apfsutil
fsapfsinfo
fsapfsmount
BTRFS
apt-btrfs-snapshot
btrfs
btrfsck
btrfs-convert
btrfs-find-root
btrfs-image
btrfs-map-logical
select-super
btrfstune
FAT
fatattr
fatcat
fatresize
HFS
hfsprescue
NTFS
AnalyzeMFT
fsntfsinfo
MFTEntryCarver
mft2es
mft2json
ntfs_parser
parse_MFT
scrounge-ntfs
usncarve
USN Journal Parser
usnjls
XFS
xfs_admin
xfs_copy
xfsdump
xfs_freeze
xfs_growfs
xfsinvutil
xfs_logprint
xfs_metadump
xfs_ncheck
xfs_repair
xfs_rtcp
xfs_scrub_all
xfs_bmap
xfs_db
xfs_estimate
xfs_fsr
xfs_info
xfs_io
xfs_mdrestore
xfs_mkfile
xfs_quota
xfsrestore
xfs_scrub
xfs_quota
xfs_spaceman
ZFS
arc_summary
arcstat
dbufstat
zdb
zed
zfs
zhack
zpool
ztreamdump
zvol_wait
FILES
bulk_extractor
cacador
dmde
fastfinder
fidentify
file
findwild
FSearch
hexbin
image_export
ioc-finder
mac-robber
macsave
macstream
macunpack
ncdu
msort
pyWhat
Recoll
ripgrep
seqparser
sort
sqlitebiter
strings
uniq
GOOGLE TAKEOUT
google-photos-takeout-helper
Location History Visualizer
JUMP LIST
lifer
lnkinfo
LnkParse
METADATA
bulk_extractor
cacador
dmde
exiftool
findwild
olemeta
OFFICE DOCUMENTS
catdoc
catppt
docx2txt
wordview
xls2csv
P2P
amule-emc
bittorrent-forensics
magneticod
magneticow
PREFETCH
prefetch.py
REGISTRY
Fred
pypykatz
regdiff
reglookup
reglookup-recover
reglookup-timeline
regpatch
RegRipper
regshell
regtree.pl
---
reg_compname
reg_filedialogmru
reg_lastloggedon
reg_mndmru
reg_portproxy
reg_rdphint
reg_recentdocs
reg_regtime
reg_run
reg_runmru
reg_services
reg_srum
reg_sysinternals
reg_timezone
reg_typedurls
reg_uninstall
reg_userassist
reg_version
regrip.py
yarp-carver
yarp-memcarver
yarp-mount
yarp-print
yarp-timeline
TRASH
rifiuti
rifiuti2
rifiuti-vista
WINDOWS LOGS
bits_parser
chainsaw
evtexport
evtinfo
evtxexport
evtxinfo
evtx2es
evtx2json
evtxtract
grokevt-addlog
grokevt-builddb
grokevt-dumpmsgs
grokevt-findlogs
grokevt-parselog
grokevt-ripdll
zircolite
zircolite_legacy
Beagle
Logon tracer
DATA RECOVERY

afro
bits_parser
bulk_extractor
catfish
Catfish file search
DDRescue-GUI
dd_rescue
ddrescue
ddrescuelog
ddrescueview
dmde
evtxtract
ext3grep
ext4magic
extundelete
foremost
keyhunter
MFTEntryCarver
mha-dbrecover
myrescue
myrescue-bitmap2ppm
myrescue-stat
photorec
pyWhat
recoverdm
recovejpeg
recovery.py
RecuperaBit
reglookup-recover
rifiuti
rifiuti2
rifiuti-vista
safecopy
scalpel
scrounge-ntfs
testdisk
tsk_recover
usncarve.py
yarp-carver
MEMORY FORENSICS

aeskeyfind
avml
avml-convert
Beagle
evtxtract
pypykatz
rsakeyfind
Volatility3
volshell
vshot
WinSuperMem
yarp-memcarver
MALWARE ANALYSIS

BINARY
PEV
ofs2rva
pedis
pehash
pepack
peres
pescan
pesec
pestr
readpe
rva2ofs
RADARE2
cutter
r2agent
r2pm
rabin2
radare2
radiff2
rafind2
ragg2
rahash2
rarun2
rasm2
rax2
radare2
binwalk
Bless Hex Editor
cstool
dwarfdump
hashdeep
ltrace
objdump
strace
strace-log-merge
vbindiff
XELFViewer
DEBUGGER
gdb
heaptrace
DECODER
CyberChef
rhino
rhino-debugger
rhino-jsc
FLASH
swfmill
JAVASCRIPT
js-beautify
rhino
rhino-debugger
rhino-jsc
NETWORK
hfinger
OFFICE DOCUMENTS
catdoc
catppt
docx2txt
ezhexviewer
ftguess
mraptor
msodde
olebrowse
oledir
oledump
olefile
oleid
olemap
olemeta
oleobj
oletimes
olevba
pyxswf
rtfdump
rtfobj
unoconv
unrtf
vba_extract
wordview
xls2csv
XMLMacroDeobfuscator
PDF
DiffPDF
diffpdf
pdf2dsc
pdf2ps
pdfattach
pdfcrack
pdfdetach
pdffonts
pdfgrep
pdfimages
pdfinfo
pdfroff
pdfseparate
pdfsig
pdftocairo
pdftohtml
pdftoppm
pdftops
pdftotext
pdfunite
peepdf
SANDBOX
firejail
Firejail Configuration Wizard
firetools
SCANNER
clamav
chkrootkit
fenrir
hypernode-mwscan
Lynis auditing tool
mwscan
pescan
rkhunter
vtscan
vtTool
yara
yara
yara
yara
XOR
xor_encrypt_file
xor_key_recovery
xortool
xortool-xor
OTHER TOOLS
trid
upx_dec
upx-ucl
colorize
filecompare
pyWhat
PASSWORD RECOVERY

OFFLINE PASSWORDS
aircrack-ng
Android-PIN-Bruteforce
bruteforce-luks
bruteforce-salted-openssl
bruteforce-wallet
bulk_extractor
BTCrecover
CiLocks
cmospwd
cyphey
credtools
cupp
dsniff
fcrackzip
fcrackzipinfo
hashboy
Hash Buster
hashcat
John The Ripper
Johnny
keyhunter
msoffcrypto-tool
msoffice_decrypt
Ophcrack
ophcrack-cli
pdfcrack
psk-crack
rarcrack
samdump2
sipcrack
sucrack
ONLINE PASSWORDS
dsniff
XHydra
h8mail
medusa
ncrack
patator
search-that-hash
sipdump
WORDLIST
crunch
cupp
duplicut
pypykatz
pyWhat
RadioCarbon
OFFICE

CSV
csvclean
csvcut
csvformat
csvgrep
csvjoin
csvjson
csvlook
csvpy
csvsort
csvsql
csvstack
csvstat
csvtool
datamash
in2csv
sql2csv
xls2csv
xlsx2csv
Atril Document Viewer
Evolution
LibreOffice
LibreOffice Calc
LibreOffice Draw
LibreOffice Impress
LibreOffice Math
LibreOffice Writer
MATE Dictionary
unoconv
GRAPHICS

Darktable
Document Scanner
Eye of MATE Image Viewer
ImageMagick
MATE Color Selection
Shotwell
Take screenshot
Hi-DPI zoom
SOUND & VIDEO

Audacity
Brasero
Celluloid
Cheese
guvcview
LosslessCut
Kazam
Rhythmbox
Sound
VLC media player
convert-videos
ffmpeg
ffmpegthumbnailer
ACCESSORIES

Vim
KeePassXC
gpa
NETWORK ANALYSIS

amass
anon_names
arp-scan
badKarma
clockdiff
ct-exposer
CURRYFINGER
dhcpdump
dmitry
dnsanon
dnsenum
dnsmap
dnsmap-bulk
dnsrecon
dnstop
dnstwist
dnswalk
driftnet
Elasticsearch-Crawler
ethtool
file2pcap
findsmb
frogger
fping
fping6
gasmask
gdown
hakrawler
hassh
hping3
iftop
ike-skan
ipcalc
ipinfo
iptraf-ng
kafka-assigner
kafka-protocol
lft
macchanger
masscan
mdns-scan
nbtscan
ndisc6
netcat
netdiscover
netsed
nmap
ngrep
pypykatz
PythonHunt
R3con1z3r
racoon
Recon Spider
ReconDog CLI
ReconDog MENU
scapy
smbmap
smistrip
snarf
sipdump
speedtest
ssh-mitm
ssh-proxy-server
ssldump
sslsniff
sslsplit
sslyze
suricata
tcptraceroute
tcptraceroute6
torghost
torify
torsocks
traceroute
whob
whois
wondershaper
urlscan
urlsnarf
urlview
WhatWeb
yersinia
Zenmap
Zenmap (as root)
LOGS
awstats
Beagle
bro-cut
cacador
ccze
glogg
grepcidr
lnav
lorg
multitail
nmap-parse-output
s3stat
teler
---
Elastic Search
Logstash
Kibana
PCAP
ZEEK TOOLS
adtrace
bifcl
binpac
bro
bro-config
bro-cut
btest
btest-ask-update
btest-bg-run
btest-bg-wait
btest-diff
btest-diff-rst
btest-progress
btest-rst-cmd
btest-rst-include
btest-rst-pipe
capstats
paraglob-test
rst
trace-summary
zeek
zeek-archiver
zeek-config
zeekctl
zeek-cut
zkg
Brim
caronte
EtherApe
Ettercap GUI
Wireshark
---
driftnet
dsniff
editcap
ettercap
filesnarf
hassh
hfinger
ja3
mailsnarf
msgsnarf
ngrep
pcapfix
pyWhat
smbtimeline
snarf
tcpbridge
tcpcapinfo
tcpdump
tcpflow
tcplivereplay
tcpick
tcpprep
tcpreplay
tcpreplay-edit
tcprewrite
tcpslice
tcpspy
tcpstat
tcptrace
tcptrack
tcpxtract
tshark
urlsnarf
WIRELESS
aircrack-ng
airmon-ng
airodump-ng
btscanner
find3
hcidump
LinSSID
PICTURE ANALYSIS

Darktable
Sherloq
Depix
driftnet
ExifRead
exif
exifprobe
exiftime
exiftool
exiv2
findimagedupes
ForensicPlate
GenPixed
imageDifferenceHash_dirlist
jpeg_extract
mat2
outguess
outguess-extract
pngcheck
pngcrush
pngsplit
recoverjpeg
seek_script
searchScreenshots
stegtools
steghide
stegsnow
stegosuite
stegoveritas
stegoveritas_hide_lsb
vinetto
COMPUTER VISION
FACE DETECT LANDMARKS
Face Detection
Face Detect Tsurugi
Face Detect Landmarks Tsurugi
Face Landmarks Tsurugi
Face Recognition
FACE RECOGNITION WEB GUI
Facerec Web GUI
FACE RECOGNITION KNN
Facerec KNN GUI
LearnArgs KNN
Learn RecognizeArgs KNN
RecognizeArgs KNN
FACE ENCODING
Build Face Dataset
Encode Faces Dataset
Face Recognition Encoding
Facerec Dataset Encoding GUI
FACE DIRLIST
Facerec DirList Image
FACE RECOGNITION VIDEO
Facerec video2video (Facerec from video save Video & Image)
OBJECT DETECTION
Object detection live write video
Object detection live
Object detection video write video
Object detection video
Object detection GUI
OCR
video2ocr Tsurugi
alpr
alprd
gocr
tesseract
tesseract installed languages
---
ambiguous_words
classifier_tester
cntraining
combine_lang_model
combine_tessdata
dawg2wordlist
lstmeval
lstmtraining
merge_unicharsets
mftraining
set_unicharset_properties
shapeclustering
text2image
unicharset_extractor
wordlist2dawg
MOBILE FORENSICS

APPLICATIONS
WHATSAPP
whapa-gui
whachat
whacipher
whacloud
whagodri
whapa
whamerge
WhatsAppKeyDBExtract
TELEGRAM
telegram-export
telegram-messages-dump
ANDROID
adb2rec
adb2recGUI
android_triage
Android File Transfer (MTP)
---
abootimg
abootimg-pack-initrd
abootimg-unpack-initrd
adb
Andriller CLI
Andriller GUI
Androwarn
apkleaks
apktool
dmtracedump
e2fsdroid
etc1tool
fastboot
hprof-conv
make_f2fs
make_f2fs_casefold
mke2fs
mvt-android
scrcpy
sload_f2fs
super-analyzer
BLACKBERRY
ipddump
IOS
ios_triage
apollo
checkra1n
iLEAPP
ileappGUI
mvt-ios
IDEVICE TOOLS
idevice_id
idevicebackup
IdeviceBackup2
idevicedate
idevicedebug
idevicedebugserverproxy
idevicediagnostics
idevicecenterrecovery
ideviceimagemounter
ideviceinfo
idevicename
idevicenotificationproxy
idevicepair
ideviceprovision
idevicescreenshot
idevicesyslog
SYSDIAGNOSE SCRIPTS
sysdiagnose-appconduit
sysdiagnose-appupdates
sysdiagnose-mobileactivation
sysdiagnose-mobilebackup
sysdiagnose-mobilecontainermanager
sysdiagnose-net-ext-cache
sysdiagnose-networkinterfaces
sysdiagnose-networkprefs
sysdiagnose-sys
sysdiagnose-uuid2path
sysdiagnose-wifi-icloud
sysdiagnose-wifi-kml
sysdiagnose-wifi-net
sysdiagnose-wifi-plist
DB Browser for SQLite
kobackupdec
CLOUD ANALYSIS

aws CLI
aws_ir
aws_respond
cloudforensics
CURRYFINGER
ec2metadata
growpart
margaritashotgun
s3fs
sshfs
vcs-run
OSINT

OSINT Switcher
OSINT browser
Tor Browser
---
EMAILS
arachnid
EmailHarvester
email2phonenumber
GHunt
h8mail
harpoon
holehe
mailcat
mosint
protondate
Recon Spider
seqparser
vichiti
YaSeeker
NETWORK
amass
anon_names
ct-exposer
CURRYFINGER
dmitry
dnsanon
dnsrecon
dnstwist
favUp
gasmask
hakrawler
hakrevdns
harpoon
ipinfo
Photon
PythonHunt
R3con1z3r
racoon
Recon Spider
ReconDog CLI
ReconDog MENU
Sublist3r
smbmap
seqparser
torghost
vichiti
WhatWeb
PHONE NUMBERS
arachnid
email2phonenumber
PhoneInfoga
Recon Spider
TheScrapper
SOCIAL
arachnid
harpoon
Maigret
marple
nexfil
profil3r
Recon Spider
social-analyzer
Sherlock
snscrape
socid_extractor
The Harvester
trape
userrecon
userrecon.sh
YaSeeker
Facebook Information
ffff
fint
instagram-locations-search
Instaloader
InstaLooter
Osintgram
toutatis
vichiti
CrossLinked
linkedin2username
snapchat-sl
tweets_analyzer
twint
TwitWork
GHunt
youtube-dl
yt-dlp
yttool
TOR
darkdump
harpoon
onioff
Onion Search
recap
seqparser
TorCrawl
WEB
Browser Mirrored Websites
WebHTTrack Website Copier
ddgr
dork-eye
Fast-Google-Dork-Scan
GitDorker
harpoon
Internet Archive
Katana Dork Scanner
Maigret
metagoofil
Photon
raccoon
ReconCat
recon-cli
recon-ng
recon-web
The Harvester
shodan
sqlitebiter
URLextractor
vichiti
wad
wayback_machine_downloader
waybackpy
WhatWeb
wkhtmltoimage
wkhtmltopdf
YaSeeker
OTHER
ChronoCalc
Elasticsearch-Crawler
GHunt
gwhois
occli
search-that-hash
SlackPirate
Maltego
Maltego Memory Config
spiderfoot CLI
spiderfoot HELP
spiderfoot START
VIRTUAL FORENSICS

CONVERSION
qemu-img
DOCKER
docker-explorer
DockerScan
Lynis auditing tool
machinectl
systemd-nspawn
virtualenv
CRYPTO CURRENCY

BitAddress
Bitcoin Bash Tools
Bitcoin-Tool
bruteforece-wallet
BTCrecover
BTCscan
check_bchain
Coinbin
Electrum
hd-wallet-addrs
hd-wallet-derive
keyhunter
Orbit
pywallet
wallet-parser
wt_extract_keys
audit-P2SH-multisig
OpenTimeStamps
ots-git-gpg-wrapper
seqparser
vichiti
OTHER TOOLS

NFC
Cardpeek
mfoc
mfcuk
nfc-list
mifare-classic-format
mifare-classic-read-ndef
mifare-classic-write-ndef
mifare-desfire-access
mifare-desfire-create-ndef
mifare-desfire-ev1-configure-ats
mifare-desfire-configure-default-key
mifare-desfire-configure-random-uid
mifare-desfire-format
mifare-desfire-info
mifare-desfire-read-ndef
mifare-desfire-write-ndef
mifare-ultralight-info
SECURE DELETE
czkawka_gui
czkawka_cli
shred
wipe
sdmem
sfill
srm
sswap
ciphey
hcidump
hwclock
Lynis auditing tool
qrencode
RsaCtfTool
sdtool
USBguard
USBguard-rule-parser
usbrip
REPORTING

Aurora
CherryTree
Geany
Kazam
pdftoppm
Pluma Text editor
Shutter
System Profiler and Benchmark
Take screenshot
vsdump
wkhtmltoimage
wkhtmltopdf
Recoll
Zim Desktop Wiki
PROGRAMMING

DIFF TOOLS
cmp
colordiff
diff
diff3
diffpdf
DiffPDF
diffsitter
dirdiff
docdiff
dupeguru
dwdiff
dwfilter
fldiff
hexdiff
imediff2
Meld
sdiff
tzdiff
vbindiff
wdiff
xmldiff
xmlpatch
Bless Hex Editor
Code::Blocks IDE
DB Browser for SQLite
dos2unix
Geany
GHex
jq
PowerShell
Python (v2.7)
Python (v3.8)
shc
shellcheck
sqlitebiter
tidy
tree
visual-regexp
XELFViever
xpra
OTHER

chisel
cntlm
connect-proxy
corkscrew
iodine
OpenConnect
openvpn
proxychains
proxytunnel
rdesktop
Remmina
Remotedesktop Connect
Remote Desktop Client
sshuttle
stunnel
TeamViewer launcher
tmate
tmuxinator
xfreerdp
etherwake
pingtest
speedtest-cli
x2vnc
SYSTEM TOOLS

Dashboard Tsurugi
RAM saturation workaround
Show Local USB Devices logs
TSURUGI sword
System Profiler and Benchmark
Activity Log Manager
BleachBit
cpufetch
dconf Editor
File Manager PCManFM
Firmware
GDebi Package Installer
GParted
Hardware Locality Istopo
Htop
hwclock
Log File Viewer
MATE Disk Usage Analyzer
MATE System Monitor
Midnight Commander
ncdu
Power Statistics
Terminator
Tilda
fish
MATE Terminal
UXTerm
XTerm
Root Terminal
INTERNET

Firefox Web Browser
Tor Browser
lynx
axel
Filezilla
HexChat
OnionShare
OnionShare CLI
Pidgin Internet Messenger
Transmission
uGet
UNIVERSAL ACCESS

Magnus
Mouse keys switch
OnBoard
Screen Reader