Commercial tools

The main question that usually arises when choosing tools is usually based on commercial versus open source. Whether using commercial tools or open source tools, the end result should be the same, with preservation and integrity of the original evidence being the main priority.

Belkasoft

Belkasoft EC is an automated incident response and forensic tool that is capable of analysing acquired images of memory dumps, virtual machines, and cloud and mobile backups, as well as physical and logical drives.

Belkasoft Evidence Center X starts at something like $2,499.00, but Belkasoft also offers a free acquisition and RAM capturer tool, available along with a trial version of their Evidence Center (Belkasoft X Trial Limitations).

Forensic Toolkit (FTK)

FTK has been around for some time and is used professionally by forensics investigators and law enforcement agencies worldwide. AccessData announced integration with Belkasoft for a better experience, and was acquired by Exterro end 2020.

There is a trial version and a free image acquisition tool.

EnCase

Created by Guidance Software, EnCase Forensic has also been at the forefront for many years and has been used internationally by professionals and law enforcement agencies alike for almost two decades. Much like FTK, EnCase comes with several solutions for incident response, e-discovery, and endpoint and mobile forensics.

Magnet Forensics

Magnet Forensics is one of the few tools to perform mobile and computer forensics long with memory analysis, which gives value for money compared to standalone analysis tools.

X-Ways

X-Ways products are certainly worth exploring. They come at a fraction of the cost other tools charge, and does not have any ridiculous hardware requirements. X-Ways Forensics is fully portable and runs off a USB stick on any given Windows system without installation if you want. It is based on the WinHex hex and disk editor and part of an efficient workflow model where computer forensic examiners share data and collaborate with investigators that use X-Ways Investigator.