158 Open source projects that are alternatives of or similar to dcfldd

A list of free and open forensics analysis tools and other resources

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

No description or website provided.

The Python implementation of the AFF4 standard.

Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

Tools for inspecting disk images

Recover files from damaged BTRFS filesystems

Rootkit Detector for UNIX

Live system forensic collector

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

Python 3 Script to parse out iTunes backups

U-Net for fingerprint denoising

Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.

Docker image for hacking

This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF(E01), DD (raw), AFF disk image file without converting it, directly with VirtualBox, forensically proof.

My solutions to the 2020 NSA Codebreaker Challenge

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

Scripts to process macOS forensic artifacts

System Management RAM analysis tool

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Salt States for Configuring the SIFT Workstation

Truehunter

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Carve file metadata from NTFS index ($I30) attributes

The entire walkthrough of all my resolved TryHackMe rooms

Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"

[180+ scripts] There are a few genuine gems in there. And a lot of spaghetti code. Most of these scripts were for solving CTF's. If you googles something for a CTF and landed here look at the scripts they're all fairly malleable. Sorry for the shitty naming conventions (not really). If you are a recruiter stop. I wont be able to rewrite half thi…

Provides various Windows Server Active Directory (AD) security-focused reports.

macOS triage is a python script to collect various macOS logs, artifacts, and other data.

Dumps all of the Key/Value pairs from a LevelDB database

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

Tools to browse disk images and file system metadata in a web service

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Very basic CLI SIEM (Security Information and Event Management system).

A parser for Unified logging tracev3 files

VFRAME: Visual Forensics and Metadata Extraction

Set of Yara rules for finding files using magics headers

Implementation of the famous Image Manipulation\Forgery Detector "ManTraNet" in Pytorch

A tool providing additional ECC protection for optical media (unofficial version)

Useful tools for CTF competitions

Minimalistic DNS logging tool

Jenkins plug-in that mines and analyzes data from a Git repository

LIFARS Networking Security GNU/Linux distro

Android process memory dump tool without ndk.

[WIP] Anti-Forensics ToolKit to clear post-intrusion sensible logfiles 🔥 (For Research Only)

incident response scripts

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

SQBrite is a data recovery tool for SQLite databases

Examine, create and interact with remote objects in other .NET processes.

A mask imageView class which can be used a scratchView.

Tool to sort large collections of files according to common typologies

Volatility Explorer Suit

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Forensics triage tool relying on Volatility and Foremost

Trace ScriptBlock execution for powershell v2

An Incident Response tool to extract console command history and screen output buffer

Illuminant inconsistencies for image splicing detection in forensics

PowerShell module for Office 365 and Azure log collection

Forensic Analysis Tool for Btrfs File System.