ForensicsTools - A list of free and open forensics analysis tools and other resources
Stars: ✭ 392 (+959.46%)
Tcpflow - TCP/IP packet demultiplexer. Download from:
Stars: ✭ 1,231 (+3227.03%)
Memlabs - Educational, CTF-styled labs for individuals interested in memory forensics
Stars: ✭ 696 (+1781.08%)
INDXRipper - Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-13.51%)
C Aff4 - An AFF4 C++ implementation.
Stars: ✭ 126 (+240.54%)
dcfldd - Enhanced version of dd for forensics and security
Stars: ✭ 27 (-27.03%)
btrfscue - Recover files from damaged BTRFS filesystems
Stars: ✭ 28 (-24.32%)
Forensic Tools - A collection of tools for forensic analysis
Stars: ✭ 204 (+451.35%)
lsrootkit - Rootkit detector for UNIX
Stars: ✭ 53 (+43.24%)
vminspect - Tools for inspecting disk images
Stars: ✭ 25 (-32.43%)
Awesome Forensics - A curated list of awesome forensic analysis tools and resources
Stars: ✭ 1,775 (+4697.3%)
Linuxforensics - Everything related to Linux forensics
Stars: ✭ 189 (+410.81%)
Judge-Jury-and-Executable - A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+78.38%)
dnslog - Minimalistic DNS logging tool
Stars: ✭ 40 (+8.11%)
DFIR-O365RC - PowerShell module for Office 365 and Azure log collection
Stars: ✭ 158 (+327.03%)
MantOS - LIFARS networking security GNU/Linux distro
Stars: ✭ 24 (-35.14%)
BURN - [WIP] Anti-forensics toolkit to clear post-intrusion sensitive logfiles 🔥 (For research only)
Stars: ✭ 13 (-64.86%)
dumproid - Android process memory dump tool without NDK.
Stars: ✭ 55 (+48.65%)
memscrimper - Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-32.43%)
hayabusa - Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+2354.05%)
ad-privileged-audit - Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (+13.51%)
vframe - VFRAME: Visual Forensics and Metadata Extraction
Stars: ✭ 41 (+10.81%)
MEAT - This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+172.97%)
MindMaps - #ThreatHunting #DFIR #Malware #Detection mind maps
Stars: ✭ 224 (+505.41%)
PSTrace - Trace ScriptBlock execution for PowerShell v2
Stars: ✭ 38 (+2.7%)
MacForensics - Scripts to process macOS forensic artifacts
Stars: ✭ 118 (+218.92%)
sqbrite - SQBrite is a data recovery tool for SQLite databases
Stars: ✭ 27 (-27.03%)
Imm2Virtual - This is a GUI (for Windows 64-bit) for a procedure to virtualize your EWF (E01), DD (raw) or AFF disk image file without converting it, directly with VirtualBox, in a forensically sound way.
Stars: ✭ 40 (+8.11%)
ThePhish - ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+1727.03%)
WELA - WELA (Windows Event Log Analyzer): the Swiss Army knife for Windows event logs! ゑ羅(ウェラ)
Stars: ✭ 442 (+1094.59%)
TryHackMe-Write-Up - The entire walkthrough of all my resolved TryHackMe rooms
Stars: ✭ 53 (+43.24%)
pdfresurrect - Analyze and help extract older "hidden" versions of a PDF from the current PDF.
Stars: ✭ 40 (+8.11%)
SuperLibrary - Information security library
Stars: ✭ 60 (+62.16%)
sandfly-setup - Sandfly Security agentless compromise and intrusion detection system for Linux
Stars: ✭ 45 (+21.62%)
RemoteNET - Examine, create and interact with remote objects in other .NET processes.
Stars: ✭ 29 (-21.62%)
EventTranscriptParser - Python-based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
Stars: ✭ 22 (-40.54%)
harvest - Tool to sort large collections of files according to common typologies
Stars: ✭ 32 (-13.51%)
AppmemDumper - Forensics triage tool relying on Volatility and Foremost
Stars: ✭ 22 (-40.54%)
robot hacking manual - Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
Stars: ✭ 169 (+356.76%)
GetConsoleHistoryAndOutput - An incident response tool to extract console command history and screen output buffer
Stars: ✭ 41 (+10.81%)
ingest-file - Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.
Stars: ✭ 40 (+8.11%)
btrForensics - Forensic analysis tool for the Btrfs file system.
Stars: ✭ 15 (-59.46%)
urlRecon - 📝 urlRecon: info gathering or recon tool for URLs. Retrieves: Whois information of the domain; DNS details of the domain; server fingerprint; IP geolocation of the server
Stars: ✭ 31 (-16.22%)
Red-Rabbit-V4 - The Red Rabbit project is just what a hacker needs for everyday automation. Unlike most frameworks out there, Red Rabbit does not automate other people's tools like the aircrack suite or the wifite framework; it has its own code and is raw source with over 270 options. This framework might just be your everyday key to your workflow.
Stars: ✭ 123 (+232.43%)
RdpCacheStitcher - RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Stars: ✭ 176 (+375.68%)
uac - UAC is a live response collection script for incident response that makes use of native binaries and tools to automate the collection of artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.
Stars: ✭ 260 (+602.7%)
BlockHashLoc - Recover files using lists of block hashes, bypassing the file system entirely
Stars: ✭ 45 (+21.62%)
smram parse - System Management RAM analysis tool
Stars: ✭ 50 (+35.14%)
MemProcFS-Analyzer - MemProcFS-Analyzer: automated forensic analysis of Windows memory dumps for DFIR
Stars: ✭ 89 (+140.54%)
qed - The scalable, auditable and high-performance tamper-evident log project
Stars: ✭ 87 (+135.14%)
flare-wmi - No description or website provided.
Stars: ✭ 399 (+978.38%)