Projects in Awesome Lists tagged with forensic
A curated list of projects in awesome lists tagged with forensic.
https://github.com/sepinf-inc/IPED
IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
digital-forensics forensic recovery
Last synced: 04 May 2025
https://github.com/dfir-iris/iris-web
Collaborative Incident Response platform
csirt-tooling digital-forensics digital-forensics-incident-response forensic forensic-analysis forensic-tools incident-response python
Last synced: 30 Mar 2025
https://mthcht.github.io/ThreatHunting-Keywords/
Awesome list of keywords and artifacts for Threat Hunting sessions
awesome-list blueteam detection-engineering dfir elk-stack endpoint-security forensic hacktools incident-response iocs offensive-scripts offensive-security redteam siem soc splunk threat-hunting threat-intelligence threathunting yara-rules
Last synced: 10 Apr 2025
https://github.com/A-YATTA/AMDH
Android Mobile Device Hardening
adb android android-hardening android-malware-detection android-security apk forensic hardening scan-settings security
Last synced: 12 Jul 2025
https://github.com/a-yatta/amdh
Android Mobile Device Hardening
adb android android-hardening android-malware-detection android-security apk forensic hardening scan-settings security
Last synced: 11 Jul 2025
https://github.com/kacos2000/windowstimeline
Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
1803 1809 1903 april-2018 artifacts clipboard copy-paste database dfir forensic json1-extension powershell powershell-script powershell-scripts sqlite3 timeline timelines timelineview windows windows-10
Last synced: 21 Aug 2025
https://github.com/kacos2000/WindowsTimeline
Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
1803 1809 1903 april-2018 artifacts clipboard copy-paste database dfir forensic json1-extension powershell powershell-script powershell-scripts sqlite3 timeline timelines timelineview windows windows-10
Last synced: 29 Apr 2025
https://github.com/kacos2000/win10
Win 10/11 related research
amcache bam dfir eventlog events forensic jumplist keyword-lists keywords mediaplayer-library notifications objectid sticky-notes timeline wdi win10 win11 windows xml yourphone
Last synced: 13 Apr 2025
https://github.com/kacos2000/Win10
Win 10/11 related research
amcache bam dfir eventlog events forensic jumplist keyword-lists keywords mediaplayer-library notifications objectid sticky-notes timeline wdi win10 win11 windows xml yourphone
Last synced: 09 Apr 2025
https://github.com/kacos2000/queries
SQLite queries
android chrome database dfir dropbox firefox foreniscs forensic googledrive ios mozilla opera queries skype sqlite3 viber whatsup windows-10 windows-11
Last synced: 10 Aug 2025
https://github.com/bitranox/fingerprint
Monitoring Registry and File Changes in Windows
forensic forensic-analysis forensic-examinations forensics forensics-investigations hacking hacking-code hacking-tool hacking-tools hackingtool hackingtools procmon python3 registry registry-data registry-hacks registry-scripts windows windows-10 windows-7
Last synced: 27 Oct 2025
https://github.com/kacos2000/Prefetch-Browser
Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
browser dfir forensic gui powershell prefetch superfetch win10 win11 windows
Last synced: 29 Apr 2025
https://github.com/kacos2000/prefetch-browser
Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
browser dfir forensic gui powershell prefetch superfetch win10 win11 windows
Last synced: 09 May 2025
https://github.com/circl/forensic-tools
CIRCL system forensic tools or a jumble of tools to support forensic
dfir digital-forensics forensic forensic-analysis
Last synced: 14 Apr 2025
https://github.com/kacos2000/Jumplist-Browser
Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
00021401-0000-0000-c000-000000000046 1sps automaticdestinations-ms customdestinations-ms fmid forensic gui gui-application jumplist link lnk mrulist ms-shllink powershell propertylist shell shellbag shelllnk shortcut windows
Last synced: 29 Apr 2025
https://github.com/kacos2000/jumplist-browser
Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser
00021401-0000-0000-c000-000000000046 1sps automaticdestinations-ms customdestinations-ms fmid forensic gui gui-application jumplist link lnk mrulist ms-shllink powershell propertylist shell shellbag shelllnk shortcut windows
Last synced: 07 Apr 2025
https://github.com/naemazam/logforenix
log Forenix 🕵️- Your Linux Forensic Artifacts Collector Tool! 🚀
cyber-security cybersecurity cybersecurity-tools forensic forensic-analysis forensics forensics-investigations forensics-tools linux log logging
Last synced: 14 Oct 2025
https://github.com/MrOctopus/pyWhatsUpp
A forensic tool to automatically extract as many artifacts as possible from the WhatsApp desktop/web client
desktop forensic forensics-tools whatsapp
Last synced: 11 Mar 2025
https://github.com/jnbdz/forensic-imaging-quickstarts
Forensic Imaging quickstarts!
bash forensic forensic-analysis forensics forensics-investigations forensics-tools linux quickstart quickstarts shell svod svod-project
Last synced: 30 Apr 2025
https://github.com/txuswashere/digital-forensics
Digital Forensics Essentials (DFE)
dfe digital-forensic digital-forensic-tool digital-forensics digital-forensics-course digitalforensics ec-council forensic forensic-analysis forensic-tools forensics forensics-investigations forensics-tools
Last synced: 25 Mar 2025
https://github.com/hanasuru/trashparse
Simple tool for analyzing Windows Recycle.Bin files
Last synced: 16 May 2025
https://github.com/moul/cryptoguess
Automatically detect and parse cryptography keys
cryptography decode decoder forensic guess hash tool
Last synced: 28 Apr 2025
https://github.com/patatetom/rds4xways
Extract SHA1 from Reference Data Set (RDS) provided by the National Software Reference Library (NSRL) for X-Ways Forensics (or any other tool that uses SHA1).
bash cryptography dfir fingerprint forensic forensics hash nsrl python rds sha1 x-ways
Last synced: 03 Jul 2025
https://github.com/ganeshkandu/imageanalysis
This tool compares the original image to a recompressed version. This can make manipulated regions stand out in various ways. For example they can be darker or brighter than similar regions which have not been manipulated.
analysis composer ela error-level-analysis forensic image-analysis images manipulated-regions-stand packagist php
Last synced: 13 May 2025
https://github.com/patatetom/xtaf
Xbox 360 file system
filesystem forensic forensics fs fuse python xbox360
Last synced: 11 Apr 2025
https://github.com/LeKlex/Attack-simulation-infrastructure
A small and simple network infrastructure with automated attacks on a VM server documented by tshark
bruteforce forensic hacking network nmap nmap-scripts port-scanner reverse-shell security shell-script sql-injection telnet tshark ubuntu vagrant virtualbox
Last synced: 12 Jul 2025
https://github.com/franckferman/lastlog-audit
A Python tool to analyze and export login activity from /var/log/lastlog for security.
forensic forensic-tools forensics forensics-tools lastlog lastlogin lastlogontimestamp linux linux-logs linux-python linux-security linux-security-audit logs logs-analysis parser-python python python-3 python-linux python-linux-audit python3
Last synced: 19 Apr 2025
https://github.com/selective-php/video-type
Video type detection
forensic php video video-formats
Last synced: 19 Apr 2025
https://github.com/franckferman/datadetective
Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.
automation automation-forensics forensic forensic-analysis forensic-examinations forensic-tools forensics forensics-data forensics-investigations forensics-tools python python-3 python3 sleuthkit tsk
Last synced: 27 Dec 2025
https://github.com/mauricelambert/entropyanalysis
This package analyzes file entropy (shannon entropy) for forensic and malware analysis.
cybersecurity disk-analysis entropy entropy-analysis file-analysis forensic malware-analysis security
Last synced: 04 Mar 2025
https://github.com/DecryptaTechnologies/GovTools
GovTools is an innovative open-source toolkit for Windows, designed to streamline the extraction of password hashes from a variety of targets.
analysis bulk-extractor cracking cybersecurity cybersecurity-tools decryption extraction forensic forensic-analysis forensics-investigations forensics-tools hashcat johntheripper password password-recovery penetration-testing vulnerability-assessment
Last synced: 04 Apr 2025
https://github.com/rusq/jpegrip
JPEG the Ripper: extract JPEG files from unstructured data stream
bsd-3-clause extractor forensic forensics-tools jfif jpeg jpg ripper tool
Last synced: 28 Aug 2025
https://github.com/aishee/andump
Tools to dump memory for Android.
android forensic memory mobile-security
Last synced: 13 May 2025
https://github.com/ditekshen/ansible-asa-forensic-investigation-procedures-first-responders
Ansible Playbook for Cisco ASA Forensic Investigation Procedures for First Responders
ansible ansible-network ansible-playbook arcanedoor asa automation cisco first-responder forensic incident-response investigation procedures
Last synced: 11 Jun 2025
https://github.com/gharib110/onions
An onion personal blog, a mirror maybe ;)
forensic forensics-tools onion onion-services onion-sites onions onions-list osint osint-forensics osint-resources osint-tools social-engineering tech
Last synced: 23 Mar 2025
https://github.com/patatetom/fuseconcat
concatenate multiple files into a single logical file
concatenation forensic forensics fuse fuse-filesystem python
Last synced: 31 Jul 2025
https://github.com/prvvv/chromeforensics
Different code samples for Chrome browser analysis & post exploitation
chrome chrome-devtools exploit forensic forensics forensics-tools hacking password post-exploitation
Last synced: 03 Jan 2026
https://github.com/gharib-uk/onions
An onion personal blog, a mirror maybe ;)
forensic forensics-tools onion onion-services onion-sites onions onions-list osint osint-forensics osint-resources osint-tools social-engineering tech
Last synced: 21 Jun 2025
https://github.com/cuhsat/ffind
Find forensic artifacts in mount points or the live system.
artifacts fact ffind forensic forensic-tool forensic-tools go pipeline windows
Last synced: 10 Oct 2025
https://github.com/komosny/ip-country-forensic-evidence
Country location evidence from IP address
country-location evidence forensic ip-address ip-geolocation
Last synced: 09 Mar 2025
https://github.com/apehex/driven-moodule
Front end for the industrious module
conveyor-belt dashboard forensic optimization-library
Last synced: 26 Dec 2025
https://github.com/mauricelambert/querycombinedlogformat
This tool extracts, filters and parses combined log format (apache and nginx default access.log format) with an easy and fast language syntax.
access access-log access-logs apache clf combined-log-format dfir filtering forensic forensics incident-response investigation language log nginx parser query regex web
Last synced: 23 Dec 2025
https://github.com/rtulke/chronika
Chronika is a forensic analysis tool for reading and visualizing different browser histories in a chronological timeline format. Supports Chrome, Firefox, Safari, Brave, Opera, Edge, Vivaldi, Tor Browser, Chromium, LibreWolf and all browsers on Linux and macOS.
brave browser browser-forensic browser-forensics chrome chromium edge firefox forensic forensic-analysis forensics forensics-tools historical historical-data librewolf opera safari vivaldi
Last synced: 25 Oct 2025
https://github.com/k0p1-git/stacks2020-voicesinthehead
A short writeup on STACKS2020 CTF - Voices in the head challenge (Forensic)
ctf forensic govtech stacks2020 writeup
Last synced: 26 Aug 2025
https://github.com/debrunbaix/forenmind
ForenMind is an open source tool for automatic analysis of Windows memory dumps. It can detect IOCs, build timelines, analyze malware, and generate reports for Blue Teams.
Last synced: 27 Mar 2025