171 Open source projects that are alternatives of or similar to Tcpflow

Awesome list of digital forensic tools

An AFF4 C++ implementation.

A list of free and open forensics analysis tools and other resources

Everything related to Linux Forensics

Educational, CTF-styled labs for individuals interested in Memory Forensics

A collection of tools for forensic analysis

Carve file metadata from NTFS index ($I30) attributes

The Python implementation of the AFF4 standard.

SIFT

Powerful checksum generator!

macOS Artifact Parsing Tool

A Linux packet crafting tool.

📇 Digital Forensics Artifact Repository (forensicanalysis edition)

Documentation of TheHive

Automagically extract forensic timeline from volatile memory dump

Tracking history of USB events on GNU/Linux

Android Apps, Roms and Platforms for Pentesting

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

An OSINT Metadata analyzing tool that filters through tags and creates reports

Parses $MFT from NTFS file systems

A tool for forensic file system reconstruction.

Free Security and Hacking eBooks

Wipe files and drives securely with randoms ASCII dicks

Cortex: a Powerful Observable Analysis and Active Response Engine

Extract BITS jobs from QMGR queue and store them as CSV records

OSINT Swiss Army Knife

A FUSE module to mount captured network data

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

tamper resistant audit log

A tool to help forensicate offline docker acquisitions

Video Face Manipulation Detection Through Ensemble of CNNs

Volatility plugin for extracts configuration data of known malware

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Super timeline all the things

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Log what files are accessed by any Linux process

Mobile Revelator

RAIR: RAdare In Rust

Digital Forensics Investigation Platform

Digging Deeper....

documentation, scripts, tools related to Zena Forensics (http://blog.digital-forensics.it)

Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.

Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

Web browser forensics for Google Chrome/Chromium

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Enhanced version of dd for forensics and security

🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Illuminant inconsistencies for image splicing detection in forensics

Jenkins plug-in that mines and analyzes data from a Git repository

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

Rootkit Detector for UNIX

Salt States for Configuring the SIFT Workstation

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

A single file container/archive that can be reconstructed even after total loss of file system structures

A boot record parser that identifies known good signatures for MBR, VBR and IPL.