Malware Forensic Field Guides: Tool Box 

Malware Forensic Toolbox: Tools for Investigating Windows Systems

In Malware Forensic Field Guide for Windows System, a myriad of tools were discussed that can be used during the course of an investigation. Throughout the book, we deployed many tools to demonstrate their functionality and output; however, there are a number of tool alternatives that you should be aware of and familiar with. On the respective chapter pages, we explore these tool alternatives. This resource can also simply be used as a "tool quick reference" or "cheat sheet," as there will inevitably be an instance during an investigation where having an additional tool for a particular function would be beneficial, but while responding in the field you'll have little time to research the tool(s).

The tools in each chapter are identified by overall "tool type," delineating the scope of how the respective tools can be incorporated into your malware forensic toolkit. Further, each tool description includes a cross-reference to the page number in the respective chapter of the Malware Forensics Field Guide where the relevant substantive discussion is provided. We welcome your feedback and tool suggestions, and we look forward to hearing your ideas through the "Contact Us" portal.