An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with digital-forensics

A curated list of projects in awesome lists tagged with digital-forensics.

https://github.com/simsong/tcpflow

TCP/IP packet demultiplexer. Download from:

digital-forensics forensics tcp-protocol tcpip

Last synced: 14 May 2025

https://github.com/stuxnet999/MemLabs

Educational, CTF-styled labs for individuals interested in Memory Forensics

ctf ctf-challenges cybersecurity dfir digital-forensics forensics memory-forensics security windows

Last synced: 13 Apr 2025

https://github.com/yampelo/beagle

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

dfir digital-forensics forensic-analysis graph incident-response security threat-hunting

Last synced: 15 May 2025

https://github.com/sepinf-inc/IPED

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

digital-forensics forensic recovery

Last synced: 04 May 2025

https://github.com/spieglt/whatfiles

Log what files are accessed by any Linux process

digital-forensics filesystem-events linux-utilities

Last synced: 16 May 2025

https://github.com/DFIRKuiper/Kuiper

Digital Forensics Investigation Platform

artifacts dfir digital-forensics incident-response parser security

Last synced: 30 Mar 2025

https://github.com/ashemery/linuxforensics

Everything related to Linux Forensics

dfir digital-forensics forensics investigations linux

Last synced: 01 Sep 2025

https://github.com/ashemery/LinuxForensics

Everything related to Linux Forensics

dfir digital-forensics forensics investigations linux

Last synced: 13 May 2025

https://github.com/LETHAL-FORENSICS/MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

dfir digital-forensics incident-response live-response memory-forensics memprocfs powershell

Last synced: 03 Mar 2025

https://github.com/dfirtrack/dfirtrack

DFIRTrack - The Incident Response Tracking Application

dfir digital-forensics incident-management incident-response incident-response-tooling

Last synced: 29 Jan 2026

https://github.com/vm32/Linux-Incident-Response

Practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

digital-forensics digital-forensics-incident-response incident-response ir linux

Last synced: 08 Apr 2025

https://github.com/vm32/linux-incident-response

Practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

digital-forensics digital-forensics-incident-response incident-response ir linux

Last synced: 06 Apr 2025

https://github.com/psmths/windows-forensic-artifacts

Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!

analysis artifacts dfir digital-forensics forensic-analysis forensicartifacts forensics forensics-investigations reference windows windows-11

Last synced: 06 Apr 2025

https://github.com/forensicanalysis/artifactcollector

🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

dfir digital-forensics forensicartifacts

Last synced: 16 Jan 2026

https://github.com/Psmths/windows-forensic-artifacts

Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!

analysis artifacts dfir digital-forensics forensic-analysis forensicartifacts forensics forensics-investigations reference windows windows-11

Last synced: 10 Apr 2025

https://github.com/securitybrewery/catalyst

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

dfir digital-forensics incident-response soar

Last synced: 06 Apr 2025

https://github.com/SecurityBrewery/catalyst

Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

dfir digital-forensics incident-response soar

Last synced: 15 Sep 2025

https://github.com/TotallyNotAHaxxer/Red-Rabbit

The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit, unlike most frameworks out there, does not automate other people's tools like the aircrack suite or the wifite framework; rather, it has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow

cpp digital-forensics golang hacking-tool linux osint-tool pcap pcap-analyzer penetration-testing perl prox raw ssh tor web webapp xml

Last synced: 03 Apr 2025

https://github.com/asiamina/A-Course-on-Digital-Forensics

A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University

courses digital-forensics disk-forensics memory-forensics mobile-forensics network-forensics reverse-engineering

Last synced: 13 Mar 2025

https://github.com/kd8bny/LiMEaide

A python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host.

digital-forensics linux memory-dump volatility-profiles

Last synced: 12 May 2025

https://github.com/vm32/digital-forensics-script-for-linux

Advanced Bash script designed for conducting digital forensics on Linux systems

digital-forensics digital-forensics-incident-response linux

Last synced: 21 Aug 2025

https://github.com/z0m31en7/whatmail

WhatMail is a command-line tool that analyzes the header of an email and provides detailed information about various fields.

digital-forensics email email-header email-header-analysis email-header-forensics investigation osint python

Last synced: 10 Jul 2025

https://github.com/puffycid/artemis

A cross platform forensic parser written in Rust!

dfir digital-forensics incident-response rust

Last synced: 08 May 2026

https://github.com/adrianlois/dfir-detection-engineering

Digital Forensics Incident Response and Detection engineering: forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors to evade protection and monitoring systems.

anti-forense artefactos artefacts cybersecurity deteccion detection-engineering dfir digital-forensics evidencias forense forensics incident-response linux macosx malware security tips tricks windows

Last synced: 09 Apr 2025

https://github.com/puffyCid/artemis

A cross platform forensic parser written in Rust!

dfir digital-forensics incident-response rust

Last synced: 05 Apr 2025

https://github.com/paulveillard/cybersecurity-forensics

A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

cybersecurity digital-forensics forensic-analysis forensics forensics-101 forensics-investigations forensics-tools free open-data open-discovery open-source

Last synced: 07 Jan 2026

https://github.com/mrmugiwara/ftk-imager-osx

FTK Imager, a forensics tool for Mac OS X

digital-forensics forensics-investigations ftk-imager macosx

Last synced: 17 Jan 2026

https://github.com/secuditor/secuditor-lite

Free diagnostic security tool for Windows endpoints, featuring network utilities and device OPSEC analysis, all in one

all-in-one cybersecurity diagnostics digital-forensics endpoint-security freeware gui-application indie-dev opsec python security-tools speedtest utility-app vulnerability-detection windows

Last synced: 30 Apr 2026

https://github.com/lazza/fuji

Graphical interface for the forensic logical acquisition of Mac computers

apple dfir dfir-tools digital-forensics forensic-tools forensics mac

Last synced: 15 Feb 2026

https://github.com/circl/forensic-tools

CIRCL system forensic tools or a jumble of tools to support forensic

dfir digital-forensics forensic forensic-analysis

Last synced: 14 Apr 2025

https://github.com/paulveillard/cybersecurity-digital-forensics

A collection of digital forensics tools for verification, investigations, diagnostics, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

digital-forensic-readiness digital-forensics digital-forensics-incident-response finger-detection fingerprint fingerprint-authentication fingerprint-recognition fingerprint-scanner fingerprint-sensor fingerprints forensics stenography

Last synced: 17 Feb 2026

https://github.com/evild3ad/Get-MiniTimeline

Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE

dfir digital-forensics incident-response kape powershell timeline

Last synced: 10 Apr 2025

https://github.com/kalink0/crush-forensics

Open-source desktop workbench for digital forensic analysis. Inspect ZIP/TAR acquisitions and parse and view ABX, SQLite, SEGB, (B)PLIST, REALM, Protobuf, Logs, hex, JSON, XML, and more — all in one GUI.

abx android-forensics bplist dfir digital-forensics forensics ios-forensics leveldb mobile-forensics open-source plist protobuf realm-database segb sqlite

Last synced: 07 Jun 2026

https://github.com/velocidex/go-prefetch

A golang implementation of a prefetch parser.

digital-forensics golang

Last synced: 24 Oct 2025

https://github.com/sk4la/plast

Modular command-line threat hunting tool & framework.

apt digital-forensics framework incident-response ioc python python3 threat-hunting yara

Last synced: 05 May 2025

https://github.com/jupyterj0nes/sabonis

Sabonis, a Digital Forensics and Incident Response pivoting tool

blue-team dfir dfir-automation digital-forensics incident-response

Last synced: 22 Apr 2025

https://github.com/alexdelorenzo/save_skype

💬 Data forensics and recovery utility for Skype chats and history

chat data-recovery digital-forensics history logs skype

Last synced: 09 Apr 2025

https://github.com/Panagiotis-INS/Cyber-Defenders

This repo is all about Blue teaming and CyberDefenders write-ups for their DFIR challenges

challenge ctf cyber-defenders cyber-defense digital-forensics digital-forensics-incident-response

Last synced: 16 Feb 2026

https://github.com/sondosaabed/digital-forensics-investigation

This report was written for the Digital Forensics Analysis coursework, specifically the first assignment, in which steps and screenshots for each investigation process are recorded.

active-disk-editor digital-forensics file-recovery ftk-imager incident-response partitioning virtual-hardisk

Last synced: 25 Jan 2026

https://github.com/netseclab/paper_for_digital_forensics

This is a collection of papers, codes, issues for digital forensics.

digital-forensics forensics

Last synced: 13 May 2025

https://github.com/4m3rr0r/zero-setup

Zero Setup is a Bash script that automates the installation process of all the personal tools and software you need on your system. It saves you time and effort by setting up your Hacking environment with just a single command.

ctf ctf-tools digital-forensics osint steganography zero-setup

Last synced: 08 Oct 2025

https://github.com/sydp/goewf

Access Expert Witness Format (ewf/E01/L01) files using Golang

computer-forensics dfir digital-forensics evidence golang

Last synced: 05 Oct 2025

https://github.com/sondosaabed/file-carving-tool

This project was done as part of the Digital Forensics Analysis coursework, specifically the file carving tool.

digital-forensics file-carving file-fragmentation file-recovery file-signatures fragmentation hash-based-search java sha-256

Last synced: 22 Apr 2025

https://github.com/mahmudnibir/hiddenmessage

โš•๏ธ HiddenMessage is a Python script that uses LSB steganography to hide and extract secret text in images. It encrypts the message with AES before embedding, ensuring both privacy and invisibility.

data-hiding digital-forensics encoding encryption encryption-decryption image-processing lsb message-hiding password pil python security steganography

Last synced: 21 Jul 2025

https://github.com/jupyterj0nes/masstin

Rust DFIR tool that massively parses cross-platform evidence, even deleted logs, into a lateral movement timeline and graph database.

cypher dfir digital-forensic-tool digital-forensics digital-forensics-incident-response event-log evtx forensic-tool graph-database incident-response kape lateral-movement memgraph neo4j rust threat-hunting ual velociraptor vss windows-forensics

Last synced: 16 Apr 2026

https://github.com/qeeqbox/digital-forensics

Digital Forensics is the process of finding and analyzing electronic data

cycle digital-forensics infosecsimplified qeeqbox visualization

Last synced: 08 Mar 2026

https://github.com/kanglib/edu_for

A cheat sheet for digital forensics :blush:

digital-forensics forensics

Last synced: 07 Feb 2026

https://github.com/areebahmeddd/cognito.ai

🔎 Natural Language Interface for Digital Forensic Evidence

agentic-ai digital-forensics elasticsearch fastapi langchain neo4j t3-stack ufdr-tool

Last synced: 05 May 2026

https://github.com/nannib/usbnlnk

This program can correlate the dates of USB mass device connections with recent files and export a report in CSV format

correlation dfir digital-forensics forensics free lnk lnk-files lnks open open-source opensource python recent-files tool usb usb-forensics

Last synced: 12 Jun 2025

https://github.com/ostafen/digler

Digler is a tool for forensic disk analysis and file recovery. It's designed to help you unearth lost or deleted data from various disk images and raw devices.

cli-tool data-recovery deleted-file-recovery dfxml digital-forensics disk-analysis disk-image file-carving filesystem-analysis golang photo-recovery plugin-architecture

Last synced: 09 Oct 2025

https://github.com/saeed0xf/black-hat-ctf

This CTF event was organised by Data Science analytics and Cyber Security club at the annual Tech Fest Prajyukttam 🎆, Assam Don Bosco University 🎓

binary-exploitation capture-the-flag cryptography ctf ctf-challenges ctf-tools digital-forensics web-exploitation website

Last synced: 01 Mar 2025

https://github.com/alexgustafsson/compdec

CompDec is a novel approach to automatically detect the compression algorithm used for file fragments using machine learning

bth carving cnn compression digital-forensics forensics machine-learning paper research study

Last synced: 20 May 2026

https://github.com/saeed0x1/black-hat-ctf

This CTF event was organised by Data Science analytics and Cyber Security club at the annual Tech Fest Prajyukttam 🎆, Assam Don Bosco University 🎓

binary-exploitation capture-the-flag cryptography ctf ctf-challenges ctf-tools digital-forensics web-exploitation website

Last synced: 04 Mar 2026

https://github.com/matthewt0/smartwatch-anti-forensics

Garmin and Fitbit smartwatch modification using ADB, API, and manual modification with database, api, and activity files.

anti-forensics digital-forensics digitalforensics smartwatch

Last synced: 30 Apr 2026

https://github.com/matthewt0/genai-image-forensics-toolbox

Gen-Image-Forensics is a MATLAB-based project designed for analysing and evaluating the integrity of images. This has been adapted from the Image Forensics MATLAB Toolbox to run on inpainting tampered images with 13 of the 16 available localisation algorithms.

dataset-evaluation digital-forensics digital-forensics-tool-set forensics-tools genai image-forensics inpainting matlab

Last synced: 28 Feb 2026

https://github.com/blwhit/threathunter

Advanced PowerShell DFIR module for forensic analysis, threat hunting, and cmdline investigation in Windows.

cybersecurity dfir digital-forensics evtx-analysis forensic-analysis forensics incident-response malware-detection powershell security threat-hunting virustotal windows

Last synced: 10 Jun 2026

https://github.com/fkie-cad/fsstratify

A simulation framework to generate and analyze file system activity

digital-forensics filesystem-analysis research simulations

Last synced: 29 Jan 2026

https://github.com/dfir-dd/kirby

A script to parse several forensic artifacts of given Windows (triage) images, using dissect

cli dfir digital-forensics dissect forensics forensics-tools python

Last synced: 27 Mar 2025

https://github.com/yogsec/digital-forensics-tools

A curated list of essential digital forensics tools used for investigation, data recovery, and security analysis. These tools help in disk forensics, memory analysis, network monitoring, malware analysis, and more.

bug-bounty-tools bugbounty cybersecurity cybersecurity-tools digital-forensics digital-forensics-tool digital-forensics-tools ethicalhacking forensic-analysis forensic-investigation forensics kali-linux linux osint pentesting pentesting-tools yogsec

Last synced: 16 Jun 2025