From 76762d3d7789247a83edda4a9be6442778a6679d Mon Sep 17 00:00:00 2001
From: Malfurious <m@lfurio.us>
Date: Thu, 22 Feb 2024 02:04:44 -0500
Subject: Consolidate forensics links and add FTKImager and volatility

Signed-off-by: Malfurious <m@lfurio.us>
---
 docs/forensics/AperiSolve.txt       |  2 --
 docs/forensics/CyberChef.txt        |  2 --
 docs/forensics/forensics_links.txt  | 17 +++++++++++++++++
 docs/forensics/qr_code_recovery.txt |  1 -
 4 files changed, 17 insertions(+), 5 deletions(-)
 delete mode 100644 docs/forensics/AperiSolve.txt
 delete mode 100644 docs/forensics/CyberChef.txt
 create mode 100644 docs/forensics/forensics_links.txt
 delete mode 100644 docs/forensics/qr_code_recovery.txt

diff --git a/docs/forensics/AperiSolve.txt b/docs/forensics/AperiSolve.txt
deleted file mode 100644
index d3c6e00..0000000
--- a/docs/forensics/AperiSolve.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-https://www.aperisolve.fr/
-https://github.com/Zeecka/AperiSolve
diff --git a/docs/forensics/CyberChef.txt b/docs/forensics/CyberChef.txt
deleted file mode 100644
index 068c417..0000000
--- a/docs/forensics/CyberChef.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-https://gchq.github.io/CyberChef/
-https://github.com/gchq/CyberChef
diff --git a/docs/forensics/forensics_links.txt b/docs/forensics/forensics_links.txt
new file mode 100644
index 0000000..e72f578
--- /dev/null
+++ b/docs/forensics/forensics_links.txt
@@ -0,0 +1,17 @@
+# Online stego solver and image file analyzer
+https://www.aperisolve.fr/
+https://github.com/Zeecka/AperiSolve
+
+# Online visual data transformation pipeline editor
+https://gchq.github.io/CyberChef/
+https://github.com/gchq/CyberChef
+
+# Online QR code recovery tool
+https://merricx.github.io/qrazybox/
+
+# Read / export from *.ad1 disk images
+https://www.exterro.com/digital-forensics-software/ftk-imager
+
+# Analyze memory dumps (Windows, maybe Linux)
+https://www.golinuxcloud.com/analyzing-volatility-memory-dump/
+https://github.com/volatilityfoundation/volatility
diff --git a/docs/forensics/qr_code_recovery.txt b/docs/forensics/qr_code_recovery.txt
deleted file mode 100644
index 1c89057..0000000
--- a/docs/forensics/qr_code_recovery.txt
+++ /dev/null
@@ -1 +0,0 @@
-https://merricx.github.io/qrazybox/
-- 
cgit v1.2.3