# Forensics

- [Wireshark](/forensics/wireshark.md): A popular tool to analyze and extract data from network packet captures
- [File Formats](/forensics/file-formats.md): What to do with a file you don't understand
- [Archives](/forensics/archives.md): Different kinds of file archives, like ZIP, RAR or TAR
- [Memory Dumps (Volatility)](/forensics/memory-dumps-volatility.md): A full dump of the RAM on a system. Use tools like Volatility to analyze the dump and get information about what happened
- [VBA Macros](/forensics/vba-macros.md): Visual Basic for Applications is a programming language used to create macro scripts for Microsoft Office apps
- [Grep](/forensics/grep.md): Search for text inside of files
- [Git](/forensics/git.md): A version control system that often saves lots of information about how files were changed
- [File Recovery](/forensics/file-recovery.md): Recovering content of deleted files
