https://github.com/gaurav-gogia/dftools

A curated list of digital forensic tools.


DFTOOLS

A curated list of Digital Forensics Tools with some useful links & usage.
To get information about any other tool please visit the Forensic Wiki.

Forensics

#### 📢 Some Important Concepts

- Digital Forensics: An application of science to uncover facts and solve crime by **acquiring** the evidence,
  **analyzing** the evidence and finally prepping it for any court of law. All the steps must be completed while
  maintaining the [chain of custody](https://digital-forensics.sans.org/blog/tags/chain-of-custody) and **integrity**.

- Forensic Image/Copy: This term refers to a **bit perfect** copy/clone of any storage device.
  It is important to understand that any forensic cloning tool worth its salt would ensure integrity of evidence.
  This is why in forensic terms a simple backup is not enough.

- Data recovery tools look into unallocated sectors to find the files that were thought to be lost. They reach out
  to a very low level, below all the abstraction layers.

#### 📝 Forensic Copy
- [DC3DD](./dc3dd.md)
- [DD](https://wiki.archlinux.org/index.php/disk_cloning)
- [DCFLDD](https://www.forensicswiki.org/wiki/Dcfldd)
- [Guymager](./guymager.md)

#### ♻️ Data Recovery/Carving
- [Foremost](./foremost.md)
- [Bulk Extractor](./bulk_extractor.md)
- [PhotoRec](https://www.cgsecurity.org/wiki/PhotoRec)
- [Recuva](https://www.ccleaner.com/recuva)
- [Scalpel](https://github.com/sleuthkit/scalpel)

#### 🈹 Multi-Purpose Kits
- [Autopsy](https://www.sleuthkit.org/autopsy/)
- [SIFT (SANS Investigative Forensic Toolkit)](https://digital-forensics.sans.org/community/downloads/#overview)
- [CyLR](./CyLR.md)
- [KAPE](https://www.kroll.com/en/services/cyber-risk/investigate-and-respond/kroll-artifact-parser-extractor-kape)
- [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)

#### 📊 Metadata analysis
- [Exiftool](./exiftool.md)

#### 📟 Network Forensic Analysis Tool (NFAT)
- [Xplico](http://www.xplico.org/about)

#### :octocat: Contribution Guidelines
1. Fork the repository.
2. Clone it.
3. Create a new file explaining a digital forensic tool. If pics are involved, please upload them to the pics folder and link accordingly.
4. Make an entry about that tool in the main README file (this file).
5. Send a PR.
6. Star this repo.