Consolidate forensics links and add FTKImager and volatility

Signed-off-by: Malfurious <m@lfurio.us>

4 files changed, 17 insertions, 5 deletions

diff --git a/docs/forensics/AperiSolve.txt b/docs/forensics/AperiSolve.txt
deleted file mode 100644
index d3c6e00..0000000
--- a/docs/forensics/AperiSolve.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-https://www.aperisolve.fr/
-https://github.com/Zeecka/AperiSolve
diff --git a/docs/forensics/CyberChef.txt b/docs/forensics/CyberChef.txt
deleted file mode 100644
index 068c417..0000000
--- a/docs/forensics/CyberChef.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-https://gchq.github.io/CyberChef/
-https://github.com/gchq/CyberChef
diff --git a/docs/forensics/forensics_links.txt b/docs/forensics/forensics_links.txt
new file mode 100644
index 0000000..e72f578
--- /dev/null
+++ b/docs/forensics/forensics_links.txt
@@ -0,0 +1,17 @@
+# Online stego solver and image file analyzer
+https://www.aperisolve.fr/
+https://github.com/Zeecka/AperiSolve
+
+# Online visual data transformation pipeline editor
+https://gchq.github.io/CyberChef/
+https://github.com/gchq/CyberChef
+
+# Online QR code recovery tool
+https://merricx.github.io/qrazybox/
+
+# Read / export from *.ad1 disk images
+https://www.exterro.com/digital-forensics-software/ftk-imager
+
+# Analyze memory dumps (Windows, maybe Linux)
+https://www.golinuxcloud.com/analyzing-volatility-memory-dump/
+https://github.com/volatilityfoundation/volatility
diff --git a/docs/forensics/qr_code_recovery.txt b/docs/forensics/qr_code_recovery.txt
deleted file mode 100644
index 1c89057..0000000
--- a/docs/forensics/qr_code_recovery.txt
+++ /dev/null
@@ -1 +0,0 @@
-https://merricx.github.io/qrazybox/