Below is a list of various Free & Open Source Software (FOSS) that you may find helpful with investigating, viewing, and managing your digital multimedia evidence. This list also includes a couple privately developed tools that require registration (e.g. FTK Imager, EnCase Forensic Imager), as well as a couple Trialware tools (e.g. Adroit Photo Recovery, IsoBuster - Free to Try, Purchase Required to Save Results).

I have broken down the tools into five categories; Information, Playback, Processing, Management, and Recovery. While some tools may fit into more than one category, I’ve placed them into one of those categories based on how I personally use the given tool most often. The tools listed in each category are listed in no particular order.

Obviously this list is not all-inclusive, but rather more of a noteable mentions list. Please feel free to submit recommended additions via my contact form.

Tool Validation
It is important to note that tool validation is the end user’s responsibility. For more information on validation testing please see the SWGDE Recommended Guidelines for Validation Testing, the most current version of which is available via the SWGDE Current Documents page. You may also be interested in the NIST Computer Forensics Tool Testing Program.

Information

The tools listed in this category report details regarding the multimedia file, such as the codec used, filters called by the system to play the file, height, width, frame rate, aspect ratio(s), and more. Want to know why you can play the file on your system, but not on the attorney’s system? These tools are a good place to start.

• ExifTool - http://www.sno.phy.queensu.ca/~phil/exiftool/
• GraphStudioNEXT - https://code.google.com/p/graph-studio-next/
• MediaInfo - www.mediaarea.net (Software Download & Info) & MediaInfoOnline
• MP4 Inspector - https://sourceforge.net/projects/mp4-inspector/
• FFprobe - www.ffmpeg.org
• avprobe - www.libav.org
• GSpot - www.headbands.com/gspot/
• abcAVI Tag Editor - http://abcavi.kibi.ru/
• AVInaptic - http://fsinapsi.altervista.org/

Playback

While this category may seem self‐explanatory, it’s important to understand that not all playback software is created equal. Among other things, some players are built on and for a specific multimedia framework, and understanding this simple fact may be helpful when considering a proper and efficient multimedia analysis workflow.

• VLC Media Player - http://www.videolan.org/vlc/
• MPC-HC - https://www.videohelp.com/software/Media-Player-Classic-Home-Cinema
• QuickTime Player - www.apple.com/quicktime
• Windows Media Player - http://windows.microsoft.com/en-us/windows/windows-media-player
• ffdshow - http://sourceforge.net/projects/ffdshow-tryout/
• FFplay - www.ffmpeg.org
• avplay - www.libav.org
• GPAC MP4Client\Osmo4 - https://gpac.wp.imt.fr/home/
• GOM Player - http://player.gomlab.com/eng/
• SMPlayer - http://smplayer.sourceforge.net/

Processing

Once we’ve determined what we have and where we want to go with our multimedia, we need tools that can accurately interpret and process the multimedia data. Common processing tasks include extracting images from video, converting file formats, editing or redacting, resizing, or even clarifying and enhancing multimedia.

• FFmpeg - www.ffmpeg.org
• avconv - www.libav.org
• Shutter Encoder - https://www.shutterencoder.com/en/
• LosslessCut - https://mifi.no/losslesscut
• Blender (Open Source 3D Creation) - https://www.blender.org/
• Avid Media Composer | First - https://my.avid.com/get/media-composer-first
• Davinci Resolve - https://www.blackmagicdesign.com/products/davinciresolve/
• Lightworks - https://www.lwks.com/
• GPAC MP4Box - https://gpac.wp.imt.fr/home/
• Handbrake - https://handbrake.fr/
• WinFF - http://winff.org/
• AnotherGUI - http://www.stuudio.ee/anothergui/
• VirtualDub - http://virtualdub.org/
• AviDemux - http://avidemux.sourceforge.net/index.html
• Avisynth - http://avisynth.nl
• Sizer 4.0 - http://www.brianapps.net/sizer4/
• Forevid - https://sourceforge.net/projects/forevid/
• Audacity® - http://audacity.sourceforge.net/
• OBS Studio - https://obsproject.com/

Management

The tools in this category assist with the administration and management of your data and your system. Proprietary codecs and players often cause conflicts, change filter merits or have other unintended consequences that affect your system’s functionality and performance. These tools can help protect the integrity of your system and your data.

• Quick Hash GUI - http://sourceforge.net/projects/quickhash/
• Razuna - https://www.razuna.org/
• Advanced System Care Free - http://www.iobit.com/advancedsystemcareper.php
• K-Lite Codec Tweak Tool - http://codecguide.com/download_other.htm#codectweaktool
• 7-Zip - http://www.7‐zip.org/
• ImgBurn - http://www.imgburn.com/
• Clonezilla - http://clonezilla.org/
• Cameyo Packager - https://cameyo.com/cameyo-offline/

Recovery

These tools can be used to acquire, preview, and even recover digital multimedia data from a variety of storage formats and mediums.

• CyberChef - The Cyber Swiss Army Knife - https://gchq.github.io/CyberChef/
• Grau Video Repair Tool - http://grauonline.de/cms2/
• Stellar Video Repair - https://www.stellarinfo.com/disk-recovery/video-repair.php
• PhotoRec & TestDisk - http://www.cgsecurity.org/wiki/PhotoRec
• FTK® Imager - http://accessdata.com/product-download
• EnCase® Forensic Imager  (link goes to contact form to request download)
• The Sleuth Kit® & Autopsy® - http://www.sleuthkit.org/
• JPEGsnoop - http://sourceforge.net/projects/jpegsnoop/
• WinFE - http://winfe.wordpress.com/
• NirSoft Freeware Utilities - http://www.nirsoft.net/
• SimpleCarver Free Tools - http://www.simplecarver.com/
• NFI Defraser - http://sourceforge.net/projects/defraser/
• IsoBuster - http://www.isobuster.com/
• JPEG Recovery Lab - Advanced Carver https://www.disktuna.com

The information and links provided here are for informational purposes only. Please see my website Terms of Use for further detail