{"id":13797326,"url":"https://github.com/gaurav-gogia/dftools","last_synced_at":"2026-01-12T15:50:33.877Z","repository":{"id":95624091,"uuid":"147858664","full_name":"gaurav-gogia/dftools","owner":"gaurav-gogia","description":"A curated list of digital forensic tools.","archived":false,"fork":false,"pushed_at":"2019-12-02T19:09:40.000Z","size":1299,"stargazers_count":21,"open_issues_count":6,"forks_count":12,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-11-18T11:40:55.358Z","etag":null,"topics":["curated-list","forensic-analysis","forensics","hacktoberfest","hacktoberfest2020","investigation","security"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gaurav-gogia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-07T18:08:54.000Z","updated_at":"2024-02-13T10:28:21.000Z","dependencies_parsed_at":"2023-03-18T02:45:29.528Z","dependency_job_id":null,"html_url":"https://github.com/gaurav-gogia/dftools","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gaurav-gogia%2Fdftools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gaurav-gogia%2Fdftools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gaurav-gogia%2Fdftools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gaurav-gogia%2Fdftools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gaurav-gogia","download_url":"https://codeload.github.com/gaurav-gogia/dftools/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253859739,"owners_count":21975163,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["curated-list","forensic-analysis","forensics","hacktoberfest","hacktoberfest2020","investigation","security"],"created_at":"2024-08-03T23:01:27.786Z","updated_at":"2026-01-12T15:50:33.851Z","avatar_url":"https://github.com/gaurav-gogia.png","language":null,"funding_links":[],"categories":["\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集","\u003ca id=\"601dcc03dc2254612e1b88816ae2b820\"\u003e\u003c/a\u003e资源收集"],"sub_categories":[],"readme":"\n\u003ch1 align=\"center\"\u003e\n  DFTOOLS\n\u003c/h1\u003e\n\n\u003ch4 align=\"center\"\u003eA curated list of Digital Forensics Tools with some useful links \u0026 usage.\nTo get information about any other tool please visit the  \u003ca href=\"https://forensicswiki.org\" target=\"_blank\"\u003eForensic Wiki\u003c/a\u003e.\u003c/h4\u003e\n\n\n\u003ch4 align=\"center\"\u003e\u003ca href=\"\"\u003e\u003cimg src=\"./pics/df-transparent.png\" alt=\"Forensics\" width=\"200\"\u003e\u003c/a\u003e\u003c/h4\u003e\n\n\n#### 📢 Some Important Concepts\n\n- Digital Forensics: An applicaiton of science to uncover facts, solve crime by **acquiring** the evidence \u003cbr /\u003e\n**analyzing** the evidence and finally prepping it for any court of law. All the steps must be completed while \u003cbr /\u003e maintaining the [chain of custody](https://digital-forensics.sans.org/blog/tags/chain-of-custody) and **integrity**.\n\n- Forensic Image/Copy: This term refers to a **bit perfect** copy/clone of any storage device.\u003cbr/\u003e\nIt is important to understand that any forensic cloning tool worth it's salt would ensure integrity of evidence. \u003cbr /\u003e\nThis is why in forensic terms a simple backup is not enough.\n\n- Data recovery tools look into unallocated sectors to find the files that were thought to be lost. They reach out \u003cbr /\u003e\nto a very low level, below all the abstraction layers.\n\n#### 📝 Forensic Copy\n- [DC3DD](./dc3dd.md)\n- [DD](https://wiki.archlinux.org/index.php/disk_cloning)\n- [DCFLDD](https://www.forensicswiki.org/wiki/Dcfldd)\n- [Guymager](./guymager.md)\n\n#### ♻️ Data Recovery/Carving\n- [Foremost](./foremost.md)\n- [Bulk Extractor](./bulk_extractor.md)\n- [PhotoRec](https://www.cgsecurity.org/wiki/PhotoRec)\n- [Recuva](https://www.ccleaner.com/recuva)\n- [Scalpel](https://github.com/sleuthkit/scalpel)\n\n#### 🈹 Multi-Purpose Kits\n- [Autopsy](https://www.sleuthkit.org/autopsy/)\n- [SIFT(Sans Investigative Forensic Toolkit)](https://digital-forensics.sans.org/community/downloads/#overview)\n- [CyLR](./CyLR.md)\n- [KAPE](https://www.kroll.com/en/services/cyber-risk/investigate-and-respond/kroll-artifact-parser-extractor-kape)\n- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)\n\n#### 📊 Metadata analysis\n- [Exiftool](./exiftool.md)\n\n#### 📟 Network Forensic Analysis Tool (NFAT)\n- [Xplico](http://www.xplico.org/about)\n\n#### :octocat: Contribution Guidelines\n1. Fork the repository.\n2. Clone it.\n3. Create a new file explaining a digital forensic tool, if pics are involved please upload them in pics folder and link accordingly.\n4. Make an entry about that tool in the main Readme File(this file).\n5. Send PR.\n6. Star this Repo\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgaurav-gogia%2Fdftools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgaurav-gogia%2Fdftools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgaurav-gogia%2Fdftools/lists"}