Powershell module for VMWare vSphere forensics.
The DFIR4vSphere PowerShell module collects logs and forensics artefacts on both ESXi hosts and the vCenter console.

MIG is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security.

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file system.

Forensic framework for Skype

Investigate 12x faster with the world's most used cyber investigation platform