ForensicsTools: A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+1351.85%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+144.44%)
pyaff4: The Python implementation of the AFF4 standard.
Stars: ✭ 37 (+37.04%)
ingest-file: Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (+48.15%)
vminspect: Tools for inspecting disk images
Stars: ✭ 25 (-7.41%)
btrfscue: Recover files from damaged BTRFS filesystems
Stars: ✭ 28 (+3.7%)
lsrootkit: Rootkit Detector for UNIX
Stars: ✭ 53 (+96.3%)
Packrat: Live system forensic collector
Stars: ✭ 16 (-40.74%)
hashlookup-forensic-analyser: Analyse a forensic target (such as a directory) to find and report files found and not found in the CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Stars: ✭ 43 (+59.26%)
robot hacking manual: Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Stars: ✭ 169 (+525.93%)
mini-kali: Docker image for hacking
Stars: ✭ 15 (-44.44%)
Imm2Virtual: This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF (E01), DD (raw) or AFF disk image file without converting it, directly with VirtualBox, in a forensically sound way.
Stars: ✭ 40 (+48.15%)
uac: UAC is a Live Response collection script for Incident Response that uses native binaries and tools to automate the collection of artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.
Stars: ✭ 260 (+862.96%)
MacForensics: Scripts to process macOS forensic artifacts
Stars: ✭ 118 (+337.04%)
smram parse: System Management RAM analysis tool
Stars: ✭ 50 (+85.19%)
CDIR: CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on open-source tools and libraries
Stars: ✭ 122 (+351.85%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+729.63%)
sift-saltstack: Salt States for Configuring the SIFT Workstation
Stars: ✭ 82 (+203.7%)
WELA: WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (+1537.04%)
INDXRipper: Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (+18.52%)
TryHackMe-Write-Up: The entire walkthrough of all my resolved TryHackMe rooms
Stars: ✭ 53 (+96.3%)
memscrimper: Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-7.41%)
CTF-Script-And-Template-Thrift-Shop: [180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTFs. If you googled something for a CTF and landed here, look at the scripts; they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter, stop. I won't be able to rewrite half thi…
Stars: ✭ 38 (+40.74%)
ad-privileged-audit: Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (+55.56%)
macOS-triage: macOS triage is a Python script to collect various macOS logs, artifacts, and other data.
Stars: ✭ 20 (-25.93%)
LevelDBDumper: Dumps all of the Key/Value pairs from a LevelDB database
Stars: ✭ 23 (-14.81%)
EventTranscriptParser: Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
Stars: ✭ 22 (-18.52%)
hayabusa: Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+3262.96%)
siemstress: Very basic CLI SIEM (Security Information and Event Management system).
Stars: ✭ 24 (-11.11%)
UnifiedLogReader: A parser for Unified logging tracev3 files
Stars: ✭ 56 (+107.41%)
vframe: VFRAME: Visual Forensics and Metadata Extraction
Stars: ✭ 41 (+51.85%)
yara-forensics: Set of YARA rules for finding files using magic headers
Stars: ✭ 115 (+325.93%)
ManTraNet-pytorch: Implementation of the well-known image manipulation/forgery detector "ManTraNet" in PyTorch
Stars: ✭ 47 (+74.07%)
dvdisaster: A tool providing additional ECC protection for optical media (unofficial version)
Stars: ✭ 116 (+329.63%)
toolset: Useful tools for CTF competitions
Stars: ✭ 31 (+14.81%)
dnslog: Minimalistic DNS logging tool
Stars: ✭ 40 (+48.15%)
git-forensics-plugin: Jenkins plug-in that mines and analyzes data from a Git repository
Stars: ✭ 19 (-29.63%)
MantOS: LIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-11.11%)
dumproid: Android process memory dump tool without the NDK.
Stars: ✭ 55 (+103.7%)
BURN: [WIP] Anti-Forensics ToolKit to clear sensitive post-intrusion logfiles 🔥 (For Research Only)
Stars: ✭ 13 (-51.85%)
ir scripts: incident response scripts
Stars: ✭ 17 (-37.04%)
sandfly-setup: Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (+66.67%)
sqbrite: SQBrite is a data recovery tool for SQLite databases
Stars: ✭ 27 (+0%)
RemoteNET: Examine, create and interact with remote objects in other .NET processes.
Stars: ✭ 29 (+7.41%)
SRScratchView: A mask imageView class which can be used as a scratchView.
Stars: ✭ 52 (+92.59%)
harvest: Tool to sort large collections of files according to common typologies
Stars: ✭ 32 (+18.52%)
Vol3xp: Volatility Explorer Suite
Stars: ✭ 31 (+14.81%)
MEAT: This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+274.07%)
AppmemDumper: Forensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (-18.52%)
PSTrace: Trace ScriptBlock execution for PowerShell v2
Stars: ✭ 38 (+40.74%)
GetConsoleHistoryAndOutput: An Incident Response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+51.85%)
ImageSplicingDetection: Illuminant inconsistencies for image splicing detection in forensics
Stars: ✭ 36 (+33.33%)
DFIR-O365RC: PowerShell module for Office 365 and Azure log collection
Stars: ✭ 158 (+485.19%)
btrForensics: Forensic Analysis Tool for Btrfs File System.
Stars: ✭ 15 (-44.44%)