KAPE

A forensic triage and artifact collection tool designed to rapidly acquire targeted evidence during incident response.

Jan 15, 2026

∙ Paid

KAPE, short for Kroll Artifact Parser and Extractor, is a DFIR triage and collection framework developed by Eric Zimmerman. It is designed to quickly collect high value forensic artifacts from live s…

Continue reading this post for free, courtesy of CyberMaterial.

Or purchase a paid subscription.