Judge-Jury-and-ExecutableA file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+135.71%)
Backup And Recovery HowtosGuides to setting up a media storage system, backing it up, and recovering from failures
Stars: ✭ 235 (+739.29%)
FatcatFAT filesystems explore, extract, repair, and forensic tool
Stars: ✭ 201 (+617.86%)
btrForensicsForensic Analysis Tool for Btrfs File System.
Stars: ✭ 15 (-46.43%)
pyaff4The Python implementation of the AFF4 standard.
Stars: ✭ 37 (+32.14%)
ForensicsToolsA list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+1300%)
blockyarchiveBlocky archive - multithreaded archiver offering bit rot protection and sector level recoverability
Stars: ✭ 88 (+214.29%)
sqbriteSQBrite is a data recovery tool for SQLite databases
Stars: ✭ 27 (-3.57%)
vminspectTools for inspecting disk images
Stars: ✭ 25 (-10.71%)
SeqboxA single file container/archive that can be reconstructed even after total loss of file system structures
Stars: ✭ 480 (+1614.29%)
lsrootkitRootkit Detector for UNIX
Stars: ✭ 53 (+89.29%)
dcflddEnhanced version of dd for forensics and security
Stars: ✭ 27 (-3.57%)
BlockHashLocRecover files using lists of blocks hashes, bypassing the File System entirely
Stars: ✭ 45 (+60.71%)
warrickRecover lost websites from the Web Infrastructure
Stars: ✭ 76 (+171.43%)
RemoteNETExamine, create and interact with remote objects in other .NET processes.
Stars: ✭ 29 (+3.57%)
flare-wmiNo description or website provided.
Stars: ✭ 399 (+1325%)
QR-secret-sharing🔒 Create QR codes to secret-share a message. Ideal for cryptocurrency wallet recovery keys and passwords.
Stars: ✭ 94 (+235.71%)
INDXRipperCarve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (+14.29%)
harvestTool to sort large collections of files according to common typologies
Stars: ✭ 32 (+14.29%)
LogESPOpen Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (+478.57%)
MEATThis toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+260.71%)
arch-btrfs-install-guideArch Linux installation guide with btrfs and snapper, this guide is based on the information from unicks.eu guide https://www.youtube.com/watch?v=TKdZiCTh3EM, and Arch Linux UEFI step-by-step installation guide https://www.youtube.com/watch?v=dOXYZ8hKdmc from ALU.
Stars: ✭ 32 (+14.29%)
DFIR Resources REvil KaseyaResources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
Stars: ✭ 172 (+514.29%)
MindMaps#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+700%)
TryHackMe-Write-UpThe entire walkthrough of all my resolved TryHackMe rooms
Stars: ✭ 53 (+89.29%)
kunlun-storageKunlun-storage is the storage component for KunlunBase. It's developed based on percona-mysql-8.0.x and contains exclusive features used by KunlunBase, performance enhancements and XA transaction crash safety enhancements without which MySQL would not be able to execute XA transactions reliably under error conditions such as power outage, proces…
Stars: ✭ 2 (-92.86%)
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+60.71%)
hayabusaHayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+3142.86%)
qedThe scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+210.71%)
vframeVFRAME: Visual Forensics and Metadata Extraction
Stars: ✭ 41 (+46.43%)
recoveryCreate recovery/backup codes for 2FA
Stars: ✭ 72 (+157.14%)
FATXToolsFATX Data Recovery Tools (C#)
Stars: ✭ 34 (+21.43%)
arch-secure-bootUEFI Secure Boot for Arch Linux + btrfs snapshot recovery
Stars: ✭ 60 (+114.29%)
MantOSLIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-14.29%)
AppmemDumperForensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (-21.43%)
PackratLive system forensic collector
Stars: ✭ 16 (-42.86%)
yara-forensicsSet of Yara rules for finding files using magics headers
Stars: ✭ 115 (+310.71%)
arch-configScripts and Ansible playbook to setup Arch Linux on ZFS.
Stars: ✭ 36 (+28.57%)
demuxusbA program and toolset to analyze iDevice USB sessions
Stars: ✭ 25 (-10.71%)
undoGelöschte Artikel, Slices und Kategorien wiederherstellen
Stars: ✭ 31 (+10.71%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+28635.71%)
BURN[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-53.57%)
GetConsoleHistoryAndOutputAn Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+46.43%)
AdtimelineTimeline of Active Directory changes with replication metadata
Stars: ✭ 252 (+800%)
Invtero.netinVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
Stars: ✭ 237 (+746.43%)
Radare2UNIX-like reverse engineering framework and command-line toolset
Stars: ✭ 15,412 (+54942.86%)
UserlineQuery and report user logons relations from MS Windows Security Events
Stars: ✭ 221 (+689.29%)
dnslogMinimalistic DNS logging tool
Stars: ✭ 40 (+42.86%)
urlRecon📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
Stars: ✭ 31 (+10.71%)
buttermanagerButterManager is a BTRFS tool for managing snapshots, balancing filesystems and upgrading the system safetly.
Stars: ✭ 92 (+228.57%)
Forensic ToolsA collection of tools for forensic analysis
Stars: ✭ 204 (+628.57%)
WhatsdumpExtract WhatsApp private key from any non-rooted Android device (Android 7+ supported)
Stars: ✭ 198 (+607.14%)