What is DigWex?
DigWex is an open-source digital forensics and incident response tool used to analyze disk images, memory dumps, network packet captures, logs, and other digital evidence. It is designed to help information security and forensic analysts investigate cyberattacks, data breaches, and other security incidents.
Some key features of DigWex include:
- Disk image analysis - Dig through hard drive images to extract files, scan for keywords, carve out deleted data, and reconstruct web browsing sessions.
- Memory analysis - Dump and analyze memory from compromised systems to uncover running processes, open network connections, loaded modules, and other artifacts.
- Network forensics - Load PCAP files and extract transferred files from network streams, reconstruct sessions, and perform deep packet inspection.
- File carving - Automatically detect and extract files from raw binary data using header and footer sequences.
- Hash checking - Identify files through cryptographic hash values and match against whitelist and blacklist databases.
- Customizable reporting - Document your findings in PDF, HTML, and other portable formats.
DigWex provides an intuitive graphical interface as well as a command line tool for easy automation. It runs on Windows, Linux, and macOS platforms. The open-source codebase allows security engineers to customize DigWex to their specific needs.
LightShot, Imgur, Imagesocket, Webhotpix.com, IM.GE, Screely, Image Chest, Free Snipping Tool, Good Annotations, ScreenCloud, Snipboard, Screenshot.rocks are some alternatives to DigWex.