From 48739533c9f19052d692129920a48e629820d9a2 Mon Sep 17 00:00:00 2001
From: rshipp <github@rshipp.com>
Date: Sat, 9 May 2015 11:05:07 -0600
Subject: [PATCH] Add @simsong bulk_extractor, @sleuthkit scalpel, and more

bulk_extractor, foremost, hachoir, and scalpel.
---
 README.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/README.md b/README.md
index 15ad916..252fe19 100644
--- a/README.md
+++ b/README.md
@@ -140,6 +140,19 @@ A curated list of awesome malware analysis tools and resources. Inspired by
 * [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) -
   Mozilla's JavaScript engine, for debugging malicious JS.
 
+## File Carving
+
+*For extracting files from inside disk and memory images.*
+
+* [bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
+  carving tool.
+* [Foremost](http://foremost.sourceforge.net/) - File carving tool designed
+  by the US Air Force.
+* [Hachoir](https://bitbucket.org/haypo/hachoir) - A collection of Python
+  libraries for dealing with binary files.
+* [Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
+  tool.
+
 ## Debugging and Reverse Engineering
 
 *Disassemblers, debuggers, and other static and dynamic analysis tools.*