Network
- Wireshark
- Scapy
- NetworkMiner
- GRASSMARLIN
- Zeek
- RITA
- Malcolm
- TraceWrangler
Documents
- Pluralsight Performing Malware Analysis on Malicious Documents
- Excel Macros
Memory & Disks
- Volatility
- FTK Imager
- Autopsy
- DumpIt/Comae Toolkit
- $ sudo photorec <imagefile>
- $ sudo testdisk <imagefile>
- $ scalpel