Projects in Awesome Lists tagged with forensics-tools
A curated list of projects in awesome lists tagged with forensics-tools.
https://github.com/mvt-project/mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
android forensics forensics-tools ios mobile security
Last synced: 29 Apr 2026
https://github.com/deepfence/packetstreamer
:star: :star: Distributed tcpdump for cloud native environments :star: :star:
forensics-tools hacktoberfest infosectools network-analysis observability packet-capture packet-sniffer pcap secops security-tools snort soc suricata tcpdump-like traffic-monitoring zeek
Last synced: 15 May 2025
https://github.com/mikeroyal/digital-forensics-guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
alerting cyber-security detection-engineering dfir digital-forensics digitalforensicreadiness digitalforensics forensic-analysis forensics forensics-investigations forensics-tools intrusion-detection mitre-attack network-security offensive-security osint port-scanning security siem threat-intelligence
Last synced: 08 Apr 2025
https://github.com/deepfence/FlowMeter
⭐ ⭐ Use ML to classify flows and packets as benign or malicious. ⭐ ⭐
awesome data-science data-science-projects forensics-tools hacktoberfest infosectools machine-learning machine-learning-projects machinelearning machinelearningproject network-analysis network-security packet-analyser pcap security security-tools tcpdump-like
Last synced: 30 Mar 2025
https://github.com/mikeroyal/open-source-security-guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 16 May 2025
https://github.com/avilladaniel/avillaforensics
Avilla Forensics 3.0
adb adb-commands android apktool devices digital-forensics downgrade downgrade-attack extrator forensic-analysis forensics forensics-tools instagram ios mobile mobile-forensics signal telegram whatsapp whatsapp-parser
Last synced: 15 May 2025
https://github.com/wagga40/zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
auditd detection evtx evtxtract forensics forensics-tools pysigma python3 sigma sigma-rules sysmon
Last synced: 06 Apr 2026
https://github.com/cristianzsh/forensictools
Collection of forensic tools
binary-analysis dfir forensic-examinations forensics forensics-tools incident-response toolkit tools
Last synced: 27 Jan 2026
https://github.com/bert-janp/incident-response-powershell
PowerShell Digital Forensics & Incident Response Scripts.
forensics-tools incident-response powershell
Last synced: 15 May 2025
https://github.com/acquiredsecurity/forensic-timeliner
A high-speed forensic timeline engine for Windows forensic artifact CSV output, built for DFIR investigators. Quickly consolidates CSV output from processed triage evidence (Eric Zimmerman's EZ Tools, KAPE, Axiom, Hayabusa, Chainsaw and NirSoft) into a unified timeline.
axiom chainsaw digital-forensic-tool digital-forensics-incident-response ez-tools forensic-analysis forensic-timeline forensics-investigations forensics-tools hayabusa nirsoft timelines yaml
Last synced: 26 Feb 2026
https://github.com/dfir-dd/dfir-toolkit
CLI tools for forensic investigation of Windows artifacts
cli dfir digital-forensics digital-forensics-incident-response forensic-analysis forensics forensics-tools rust rust-lang
Last synced: 04 Apr 2025
https://github.com/jurelou/epagneul
Graph visualization for Windows event logs
blueteam dfir-automation evtx forensics forensics-tools hunting security security-tools threat-hunting
Last synced: 12 Jul 2025
https://github.com/mcp-shark/mcp-shark
Wireshark-like forensic analysis for Model Context Protocol communications. Capture, inspect, and investigate all HTTP requests and responses between your IDE and MCP servers.
electron forensic-analysis forensics forensics-tools mcp-protocol monitoring monitoring-tool nodejs security security-audit security-tools traffic-analysis
Last synced: 05 Apr 2026
https://github.com/xiosec/computer-forensics
The best tools and resources for forensic analysis.
analysis computer-forensics digital-forensics forensic-analysis forensics forensics-tools hacking scanner security security-tools
Last synced: 28 Jan 2026
https://github.com/cscorza/analisi-digital-forense
Tools for the acquisition and analysis of forensic copies.
best-practices difr digital forensic-analysis forensics forensics-investigations forensics-tools linux macos tools windows
Last synced: 10 Sep 2025
https://github.com/pawlaszczyk/fqlite
FQLite - SQLite Forensic Toolkit. FQLite is a tool to find and restore deleted records in SQLite databases. It does so by examining the database for entries marked as deleted.
forensics-tools recovery sqlite
Last synced: 04 Feb 2026
https://github.com/andyjsmith/Registry-Spy
Cross-platform registry browser for raw Windows registry files
forensics forensics-tools gui registry windows-forensics
Last synced: 27 Mar 2026
https://github.com/AnonCatalyst/Coeus-OSINT-ToolBox
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform for seamless OSINT investigations.
data-science data-visualization database forensic-analysis forensics forensics-tools framework information-retrieval infosec osint osint-framework osint-python osint-resources osint-tool osint-toolkit people-search reconnaissance
Last synced: 06 May 2025
https://github.com/fit-project/fit
FIT is a modular suite of Python applications for digital forensic acquisition of online contents such as web pages, emails, social media, and more. Each module can run independently or as part of the full FIT suite.
forensics forensics-tools pyqt6-desktop-application python3
Last synced: 04 Mar 2026
https://github.com/emrekybs/mrhandler
Linux Incident Response Reporting
cyber-security forensics-investigations forensics-tools incident-management incident-response incident-response-tooling linux python
Last synced: 08 Aug 2025
https://github.com/joeavanzato/retrievir
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
dfir evidence forensics forensics-investigations forensics-tools incident-response incident-response-tooling powershell
Last synced: 26 Jul 2025
https://github.com/paulveillard/cybersecurity-forensics
A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity
cybersecurity digital-forensics forensic-analysis forensics forensics-101 forensics-investigations forensics-tools free open-data open-discovery open-source
Last synced: 07 Jan 2026
https://github.com/andyjsmith/Exe-Spy
ExeSpy is a cross-platform PE viewer for EXE and DLL files
forensics forensics-tools gui pe-file portable-executable windows-forensics
Last synced: 17 Apr 2026
https://github.com/malwaredb/malwaredb-rs
MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
cybersecurity forensics-tools hacktoberfest malware malware-analysis malware-research
Last synced: 01 Mar 2026
https://github.com/pjrinaldi/wombatforensics
Linux C++ (FOX toolkit) multi-threaded forensic GUI tool
blake3 cpp forensics-tools fox-toolkit gui linux
Last synced: 10 May 2025
https://github.com/flamusdiu/xleapp
xLEAPP - Merging of iLEAPP/RLEAPP/vLEAPP, ALEAPP, cLEAPP
dfir forensics forensics-tools python3
Last synced: 07 Oct 2025
https://github.com/brazilianscriptguy/windows-sysadmin-prosuite
Enterprise PowerShell & VBScript suite for Active Directory automation, ITSM-aligned provisioning, security hardening, and digital forensics - built for Windows Server and workstation environments by a Senior IAM Analyst with a focus on accuracy, scalability, and compliance.
active-directory active-directory-domain-services activedirectoryapi admin-tools blueteam eventlogs evtx-analisys forensics-tools gpo-policy-security itsm itsm-solutions ldap-authentication-backend organizational-units sysadmin sysadmin-scripts sysadmin-tasks sysadmin-tool windows-server-2019 workstations wsus-maintenance
Last synced: 25 May 2026
https://github.com/naemazam/logforenix
log Forenix 🕵️- Your Linux Forensic Artifacts Collector Tool! 🚀
cyber-security cybersecurity cybersecurity-tools forensic forensic-analysis forensics forensics-investigations forensics-tools linux log logging
Last synced: 14 Oct 2025
https://github.com/light-hat/smart_ids
🧠🛡️ Web service for detecting network attacks in PCAP using ML.
api django django-rest-framework docker forensics forensics-tools machine-learning pcap-analyzer python triton-inference-server
Last synced: 14 Apr 2025
https://github.com/initz3r0/ibex
An iOS backup extraction tool written in Golang
exploitation forensics forensics-tools incident-response ios mobile security
Last synced: 12 Jan 2026
https://github.com/janstarke/ntdsextract2
This aims to be a collection of tools to forensically analyze Active Directory databases
cli forensics forensics-tools rust
Last synced: 09 Apr 2025
https://github.com/zff-team/zff-rs
Library to handle the files in zff format (file format to store and handle forensic acquisitions).
aquisition fileformats forensics forensics-tools rust
Last synced: 17 Mar 2026
https://github.com/MrOctopus/pyWhatsUpp
A forensic tool to automatically extract as many artifacts as possible from the WhatsApp desktop/web client
desktop forensic forensics-tools whatsapp
Last synced: 11 Mar 2025
https://github.com/graphsense/graphsense-lib
A central repository for Python utility functions and all components that interact with the GraphSense backend. The repository provides a CLI interface for managing essential GraphSense maintenance tasks and provides a REST interface used by the frontend (UI). It acts as the core repository, delivering foundational tool
analytics api cryptocurrency forensics-tools
Last synced: 03 Apr 2026
https://github.com/stavinski/winhook
Go library to allow native inline hooking in Windows at runtime
cybersecurity forensics-investigations forensics-tools go golang hacking hooking hooks-library infosec malware-development windows x64
Last synced: 02 Mar 2025
https://github.com/txuswashere/digital-forensics
Digital Forensics Essentials (DFE)
dfe digital-forensic digital-forensic-tool digital-forensics digital-forensics-course digitalforensics ec-council forensic forensic-analysis forensic-tools forensics forensics-investigations forensics-tools
Last synced: 21 Jan 2026
https://github.com/jnbdz/forensic-imaging-quickstarts
Forensic Imaging quickstarts!
bash forensic forensic-analysis forensics forensics-investigations forensics-tools linux quickstart quickstarts shell svod svod-project
Last synced: 30 Apr 2025
https://github.com/abdullah4345/autochain
AutoChain is a smart Chain of custody creator with the ability to create Forensic images and validate them
chain-of-custody forensics forensics-tools gui-application linux macos python windows
Last synced: 21 Jun 2025
https://github.com/vobst/bpfvol3
Linux BPF plugins for Volatility3
bpf ebpf forensics forensics-tools memory-forensics plugin volatility volatility3
Last synced: 09 Oct 2025
https://github.com/kero99/mftmactime
MFT and USN parser that allows direct extraction in filesystem timeline format (mactime), dump all resident files in the MFT in their original folder structure and run yara rules over them all.
forensics-tools mft ntfs ntfs-ads ntfs-journal python
Last synced: 11 May 2025
https://github.com/vrikodar/trishul
Trishul searches for sensitive data with options to specify custom files and custom keywords to look for in the filesystem
api-keys data-search forensics-tools password-finder sensitive-data-security
Last synced: 14 Jun 2025
https://github.com/avilladaniel/signal-forensics
Signal database acquisition and decryption.
android forensics forensics-investigations forensics-signal forensics-tools signal signal-forensics signal-processing
Last synced: 05 May 2025
https://github.com/alicangnll/pyshadow
PyShadow — Python ShadowCopy Analyzer for Forensic and Data Rescue
cyber-security cybersecurity file-recovery forensic forensic-analysis forensics-tools foresics shadowcopy
Last synced: 07 Apr 2026
https://github.com/devzinh/ghosttrace
Windows forensic scanner. Finds what "Uninstall" leaves behind.
blue-team cli dfir forensics-tools malware-analysis mitre-attack security-tools software windows windows-forensics
Last synced: 25 Jun 2026
https://github.com/ctkqiang/lqz
灵取证 (LQZ) is a powerful, professional Android device data forensics tool, developed specifically for law enforcement agencies, judicial bodies and security investigators. It uses advanced forensic techniques to ensure the integrity and accuracy of the data extraction process. Its development and use strictly follow the applicable legal and regulatory framework, so that all data extraction is performed within the scope of lawful authorization. Through a professional data-processing workflow it provides reliable electronic evidence for law-enforcement investigations.
adb android china chinese chinese-characters cpp ctkqiang cybersecurity database forensics forensics-tools hacking mobile networking transfer-data
Last synced: 24 Jul 2025
https://github.com/neerajlovecyber/raw-dump-tool-v2
This is a Rust & React - based Graphical User Interface (GUI) Memory Dumping Forensics Tool, lovingly crafted by Neeraj Singh.
forensics-tools ram-dump winpmem
Last synced: 29 Jun 2026
https://github.com/thomasvogl/xwf-api-rs
Unofficial Rust Bindings for X-Ways Forensics X-Tension API
ffi-bindings forensics-tools rust rust-lang x-tension x-ways
Last synced: 09 Jul 2025
https://github.com/flexidriod/packet-sniffer-security
🚀 Internet Packet Sniffer - Advanced Network Traffic Analyzer 🔍
cpp forensics-tools intrusion-detection network-analysis npcap-sdk packet-capture packet-sniffer windows-11
Last synced: 02 May 2026
https://github.com/yogsec/web-history-analysis
Web History Analysis is an advanced tool for classifying and categorizing URLs from browser history logs using machine learning techniques.
bug-bounty-tools cyber-security cybersecurity cybersecurity-tools deep-learning-cybersecurity deeplearning digital-forensics foremost forensics forensics-investigations forensics-tools forinsics-investivation hack-with-ai hackers hacking hacking-tool hacking-tools machine-learning penetration-testing yogsec
Last synced: 12 Aug 2025
https://github.com/n3rada/sharpnotesreader
A lightweight C# executable that reads Windows 11 Notepad notes from the TabState directory.
csharp execute-assembly forensics-tools notepad offensive-security red-team windows-11
Last synced: 23 Aug 2025
https://github.com/franckferman/lastlog-audit
A Python tool to analyze and export login activity from /var/log/lastlog for security.
forensic forensic-tools forensics forensics-tools lastlog lastlogin lastlogontimestamp linux linux-logs linux-python linux-security linux-security-audit logs logs-analysis parser-python python python-3 python-linux python-linux-audit python3
Last synced: 19 Apr 2025
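As an added example (not lastlog-audit's own code), the parsing such a tool has to do: /var/log/lastlog is a sparse binary file with one fixed-size record per UID, so the UID is the record index rather than a field. The record layout assumed here is glibc's struct lastlog on x86_64 (int32 ll_time, char ll_line[32], char ll_host[256]); the sample file is constructed inline.

```python
import struct
from datetime import datetime, timezone

# Assumed record layout: glibc `struct lastlog` on x86_64.
#   int32_t ll_time;      seconds since the epoch of the last login, 0 = never
#   char    ll_line[32];  terminal (UT_LINESIZE)
#   char    ll_host[256]; remote host (UT_HOSTSIZE)
# The file is indexed by UID: the record for uid N starts at N * LASTLOG_SIZE.
LASTLOG_FMT = "<i32s256s"
LASTLOG_SIZE = struct.calcsize(LASTLOG_FMT)  # 292 bytes


def _cstr(raw: bytes) -> str:
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\x00", 1)[0].decode("utf-8", "replace")


def parse_lastlog(data: bytes) -> list[dict]:
    """Return one entry per UID that has ever logged in.

    Records with ll_time == 0 are holes: the UID has no recorded login, so
    they are skipped rather than reported as a login at the epoch. A trailing
    partial record is ignored.
    """
    entries = []
    for uid in range(len(data) // LASTLOG_SIZE):
        rec = data[uid * LASTLOG_SIZE:(uid + 1) * LASTLOG_SIZE]
        ll_time, line, host = struct.unpack(LASTLOG_FMT, rec)
        if ll_time == 0:
            continue
        entries.append({
            "uid": uid,
            "time": datetime.fromtimestamp(ll_time, timezone.utc),
            "line": _cstr(line),
            "host": _cstr(host),
        })
    return entries


def logins_since(entries: list[dict], since: datetime) -> list[dict]:
    """Filter to UIDs whose *last* login is at or after `since`.

    Caveat: lastlog keeps only the most recent login per UID. An earlier
    login inside the window is invisible here; use wtmp/auth logs for history.
    """
    return [e for e in entries if e["time"] >= since]


def build_record(ll_time: int, line: str, host: str) -> bytes:
    """Pack one record; struct pads the string fields with NULs."""
    return struct.pack(LASTLOG_FMT, ll_time, line.encode(), host.encode())


# Constructed sample: uid 0 and uid 2 never logged in, uid 1 and uid 3 did.
SAMPLE_LASTLOG = (
    build_record(0, "", "")
    + build_record(1700000000, "pts/0", "10.0.0.5")   # 2023-11-14T22:13:20Z
    + build_record(0, "", "")
    + build_record(1700003600, "tty1", "")            # one hour later, local console
)

if __name__ == "__main__":
    for e in parse_lastlog(SAMPLE_LASTLOG):
        print(f"uid={e['uid']:<5} {e['time'].isoformat()}  {e['line']:<8} {e['host']}")
```

On a live system the input is simply `open("/var/log/lastlog", "rb").read()`; map UIDs back to names with /etc/passwd from the same image, not the analysis host. The 32-bit ll_time also means the file cannot represent logins after January 2038, and the record size differs on other libc/architecture combinations.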
https://github.com/c-sleuth/lock-my-pix-android-decrypt
Decryption tool for LockMyPix android app
digital-forensics forensic-analysis forensic-tools forensics-investigations forensics-tools
Last synced: 01 Mar 2025
https://github.com/capevace/forensik-viz
Visualization for a forensics project at Leuphana University Lüneburg
chats forensic-analysis forensics forensics-tools map vue whatsapp
Last synced: 17 Apr 2026
https://github.com/rusq/jpegrip
JPEG the Ripper: extract JPEG files from unstructured data stream
bsd-3-clause extractor forensic forensics-tools jfif jpeg jpg ripper tool
Last synced: 28 Aug 2025
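Header/footer carving of the kind jpegrip performs, as an added example written for this page (not jpegrip's code). Instead of stopping at the first FF D9 after an FF D8, it walks the JPEG marker segments: an EXIF thumbnail (a complete JPEG nested inside an APP1 segment) is skipped with its segment and so does not truncate the outer image, and byte-stuffed FF 00 and RSTn markers in the entropy-coded data are not mistaken for the end. The sample stream is constructed inline.

```python
import struct

SOI, EOI = b"\xff\xd8", b"\xff\xd9"


def _find_jpeg_end(data: bytes, start: int, limit: int):
    """Walk marker segments from the SOI at `start`.

    Returns the offset just past the EOI marker, or None if the structure is
    not a well-formed JPEG before `limit` is reached.
    """
    p = start + 2  # just past SOI
    while p + 1 < limit:
        if data[p] != 0xFF:
            return None
        while p < limit and data[p] == 0xFF:  # fill bytes before a marker are allowed
            p += 1
        if p >= limit:
            return None
        marker = data[p]
        p += 1
        if marker == 0xD9:                     # EOI: done
            return p
        if marker == 0xD8:                     # a second SOI at segment level is not valid
            return None
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            continue                           # TEM / RSTn carry no length field
        if p + 2 > limit:
            return None
        seglen = struct.unpack(">H", data[p:p + 2])[0]  # includes the 2 length bytes
        if seglen < 2:
            return None
        p += seglen                            # skips APPn/DQT/DHT/SOF wholesale,
                                               # including any JPEG nested in EXIF
        if marker == 0xDA:                     # SOS: entropy-coded data follows
            while p + 1 < limit:
                nxt = data[p + 1]
                if data[p] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break                      # a real marker (EOI, or next scan)
                p += 1
    return None


def carve_jpegs(data: bytes, max_size: int = 20 * 1024 * 1024):
    """Return (offset, bytes) for each structurally valid JPEG in `data`."""
    found = []
    pos = 0
    while True:
        start = data.find(b"\xff\xd8\xff", pos)  # SOI immediately followed by a marker
        if start < 0:
            return found
        end = _find_jpeg_end(data, start, min(len(data), start + max_size))
        if end is None:
            pos = start + 1                      # false positive or truncated: keep scanning
            continue
        found.append((start, data[start:end]))
        pos = end                                # resume after the image, not inside it


# ---- constructed sample data (no real image content) ----
def _segment(marker: int, body: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(body) + 2) + body


def make_jpeg(scan: bytes, thumbnail: bytes = b"") -> bytes:
    """Structurally valid JPEG stub: SOI, APP0, optional APP1 with a nested JPEG, SOS, EOI."""
    app0 = _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    app1 = _segment(0xE1, b"Exif\x00\x00" + thumbnail) if thumbnail else b""
    sos = _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00")
    return SOI + app0 + app1 + sos + scan + EOI


PLAIN_JPEG = make_jpeg(b"\x01\x02")
# Outer image whose EXIF segment embeds PLAIN_JPEG as a thumbnail; its scan data
# contains a stuffed FF 00 and an RST0 marker that must not end the image early.
OUTER_JPEG = make_jpeg(b"\x12\x34\xff\x00\x56\xff\xd0\x78", thumbnail=PLAIN_JPEG)
SAMPLE_STREAM = b"junk" + EOI + b"junk" + OUTER_JPEG + b"\x00" * 5 + PLAIN_JPEG + b"tail"

if __name__ == "__main__":
    for off, blob in carve_jpegs(SAMPLE_STREAM):
        print(f"JPEG at offset {off}, {len(blob)} bytes")
```

A naive SOI-to-first-EOI carver run over SAMPLE_STREAM would cut the outer image at the thumbnail's EOI and then report the thumbnail again as a separate file; the marker walk returns exactly the two top-level images. Fragmented files are still beyond it, as they are beyond any header/footer carver.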
https://github.com/foxforensics/fox
The Forensic Examiners Swiss Army Knife.
active-directory carving cef deflate dfir elastic eventlogs evtx forensics forensics-tools fox hashes journal mqtt ntds ntlm sigma-rules splunk swiss-army-knife wordlist
Last synced: 09 Jun 2026
https://github.com/franckferman/datadetective
Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.
automation automation-forensics forensic forensic-analysis forensic-examinations forensic-tools forensics forensics-data forensics-investigations forensics-tools python python-3 python3 sleuthkit tsk
Last synced: 27 Dec 2025
https://github.com/matthewt0/genai-image-forensics-toolbox
Gen-Image-Forensics is a MATLAB-based project designed for analysing and evaluating the integrity of images. It has been adapted from the Image Forensics MATLAB Toolbox to run on inpainting-tampered images with 13 of the 16 available localisation algorithms.
dataset-evaluation digital-forensics digital-forensics-tool-set forensics-tools genai image-forensics inpainting matlab
Last synced: 28 Feb 2026
https://github.com/juanbindez/amonexif-v1.0-rc1
This software extracts metadata from photos.
exif-data-extraction exif-metadata exiftool forensics forensics-tools
Last synced: 15 Apr 2026
https://github.com/DecryptaTechnologies/GovTools
GovTools is an innovative open-source toolkit for Windows, designed to streamline the extraction of password hashes from a variety of targets.
analysis bulk-extractor cracking cybersecurity cybersecurity-tools decryption extraction forensic forensic-analysis forensics-investigations forensics-tools hashcat johntheripper password password-recovery penetration-testing vulnerability-assessment
Last synced: 04 Apr 2025
https://github.com/danielcshn/vyos-scanner
Tool to scan for VyOS forensic artifacts and vulnerabilities.
cibersecurity cve cve-scanning forensics forensics-tools security-audit security-tools vyos vyos-build vyos-virtual-router
Last synced: 08 May 2025
https://github.com/sumidcyber/netflowcrafter
This Go code listens to network traffic and monitors and analyzes certain protocols. Users can listen to live traffic from a specific network interface, monitor protocols such as TCP, UDP and ICMP, and record traffic. It can be used in applications such as network security and performance monitoring.
cyber-analytics cybersecurity forensic-analysis forensics-tools malware netowrk-tools network network-analysis network-programming networks nmap scanner
Last synced: 24 Mar 2025
https://github.com/vultair/vultair-platform
An automated tool for forensic investigations of social media accounts. Supports platforms like Facebook, Twitter, Instagram, Telegram, WhatsApp, etc.
android automation data-analysis data-parsing forensics-tools investigation social-media
Last synced: 03 Jun 2026
https://github.com/gharib110/onions
An onion personal blog, a mirror maybe ;)
forensic forensics-tools onion onion-services onion-sites onions onions-list osint osint-forensics osint-resources osint-tools social-engineering tech
Last synced: 23 Mar 2025
https://github.com/n0raitor/dfir-installer
Installs every tool and every needed piece of software for your DFIR (/SRE/PEN/OSINT/TCI) workstation. This tool does the work for you: everything after installing (and updating) Windows.
dfir dfir-installer forensic-installer forensics-installer forensics-tools installer malware-analysis malware-analysis-installer malware-analysis-tools offensive-tools pentesting-installer pentesting-tools sre-installer sre-tools tool-installer windows-installer
Last synced: 07 Apr 2026
https://github.com/robyfirnandoyusuf/binparse
Simple Recycle Bin Forensic Tool Written with ❤ Rust
forensics forensics-tools recycle-bin
Last synced: 05 Oct 2025
https://github.com/halukyamaner/disk-scanner
Disk Scanner
data-forensics disk-crawler disk-scanner disk-tools forensic-analysis forensics forensics-tools
Last synced: 12 Oct 2025
https://github.com/havocesp/pyhindsight
Forensics analysis for Chromium based browsers.
analysis-tools brave brave-browser browser chrome forensic-analysis forensics forensics-tools google-chrome
Last synced: 29 Sep 2025
https://github.com/prvvv/chromeforensics
Different code samples for Chrome browser analysis & post exploitation
chrome chrome-devtools exploit forensic forensics forensics-tools hacking password post-exploitation
Last synced: 03 Jan 2026
https://github.com/robyfirnandoyusuf/backdoor-scanner
Backdoor Scanner PHP CLI Based
backdoor-finder forensics-tools scanner-web
Last synced: 25 Jun 2025
https://github.com/f0x4n6/strings
ASCII and Unicode string carving tool.
ascii binary carving file forensic-tools forensics-tools go strings unicode
Last synced: 02 Apr 2026
https://github.com/xoraur0n/notes
A collection of various cybersecurity notes written in Markdown
assembly-arm assembly-x86 bash binary-exploitation cprogramming embedded-systems forensic-analysis forensics-tools incident-response low-level-programming malware-analysis memory-analysis penetration-testing penetration-testing-tools powershell python3 siem signature-detection soar
Last synced: 19 Jan 2026
https://github.com/gustavo-iniguez-goya/decloaker
A simple tool to uncover files, directories, and connections hidden by malware.
forensic-analysis forensics-tools linux-security malware-detection rootkit-detection security-scanner
Last synced: 25 Apr 2026
https://github.com/gharib-uk/onions
An onion personal blog, a mirror maybe ;)
forensic forensics-tools onion onion-services onion-sites onions onions-list osint osint-forensics osint-resources osint-tools social-engineering tech
Last synced: 21 Jun 2025
https://github.com/shockz-offsec/forencics-recompiler-linux
This script compiles a large part of the information usually collected from a Linux system for an expert examination or forensic analysis. All of the information is also signed with SHA256.
automation bash dfir dfir-automation forensic-examinations forensics forensics-tools linux recompilation unix
Last synced: 09 May 2026
https://github.com/dfir-dd/kirby
A script to parse several forensic artifacts of given windows (triage) images, using dissect
cli dfir digital-forensics dissect forensics forensics-tools python
Last synced: 27 Mar 2025
https://github.com/foxforensics/entropy
Calculate file entropy.
binary calculation entropy file forensic-tools forensics-tools go
Last synced: 18 Jun 2026
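As an added example (not foxforensics/entropy's own code), the Shannon entropy such a tool computes, together with the way it is usually applied in triage: scanning a file in fixed windows to locate packed, compressed or encrypted regions. The 7.0 bits/byte threshold is a rule of thumb, not a standard, and the sample buffer is constructed inline.

```python
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte: 0.0 for a constant
    byte, 8.0 when all 256 values are equally frequent."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def high_entropy_regions(data: bytes, window: int = 256, threshold: float = 7.0):
    """Slide a non-overlapping window over `data` and merge adjacent windows
    whose entropy is >= threshold into (start, end) byte ranges.

    Rule of thumb (an assumption, not a standard): text and machine code
    usually score roughly 4-6.5 bits/byte, while compressed, packed or
    encrypted data sits above about 7.0. A window of w bytes can never score
    above log2(w) bits, so keep window >= 256 for the 0-8 scale to apply.
    """
    regions = []
    for off in range(0, len(data), window):
        chunk = data[off:off + window]
        if shannon_entropy(chunk) >= threshold:
            end = off + len(chunk)
            if regions and regions[-1][1] == off:
                regions[-1] = (regions[-1][0], end)   # extend the previous region
            else:
                regions.append((off, end))
    return regions


# Constructed sample: 1 KiB of one constant byte (entropy 0), then 1 KiB that
# cycles through every byte value (entropy exactly 8.0, as ciphertext or a
# packed section would look), then 512 NUL bytes.
SAMPLE = b"A" * 1024 + bytes(range(256)) * 4 + b"\x00" * 512

if __name__ == "__main__":
    print(f"whole file: {shannon_entropy(SAMPLE):.3f} bits/byte")
    for start, end in high_entropy_regions(SAMPLE):
        print(f"high-entropy region: {start:#x}-{end:#x}")
```

Whole-file entropy alone hides a small encrypted blob inside a large, mostly low-entropy file; the windowed scan is what points at the offsets worth carving or examining. High entropy is not proof of malice: legitimately compressed data (PNG, ZIP, gzip) scores the same.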
https://github.com/foxforensics/bootkey
Extract the BootKey from an offline system hive.
bootkey extract forensic-tool forensics-tools go registry system windows
Last synced: 18 Jun 2026
https://github.com/brazilianscriptguy/brazilianscriptguy
Windows Server Active Directory IT automation cybersecurity PowerShell VBScript enterprise IT infrastructure scripting system administration identity management secure environments automation tools open-source digital forensics.
ad-authentecation blueteam eventlogs evtx-analisys forensics-tools group-policy-object iam-authentication itsm-intelligent-automation sso-authentication windows-desktop windows-server-2019 wsus-maintenance
Last synced: 15 Jan 2026
https://github.com/b0lg0r0v/orion
Orion is a TCP/IP forensics tool, written in C, capable of detecting malicious processes and connections on Windows hosts by using the VirusTotal API.
connections-monitoring forensics forensics-tools ip-analysis malicious-connections malicious-detection malicious-processes monitoring-systems windows-process
Last synced: 28 Mar 2025
https://github.com/pouriyajamshidi/fwmonitor
For network traffic analysis: displays the logs of iptables, UFW, or any application that logs in the same format, in a pleasant way.
forensics-tools iptables linux network security security-tools
Last synced: 17 Apr 2026
https://github.com/rosanafss/dfir-memory-analysis
DFIR - Windows Memory Analysis
dfir digital-forensics forensics forensics-investigations forensics-tools memory-acquisition volatility windows
Last synced: 29 Jun 2025
https://github.com/foxforensics/strings
Carve ASCII and Unicode strings from files.
ascii carving file forensic-tools forensics-tools go string string-carving strings unicode
Last synced: 18 Jun 2026
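As an added example serving both string-carving entries above (f0x4n6/strings and foxforensics/strings; this is not either project's code), the core of an ASCII and Unicode string carver: printable ASCII runs and UTF-16LE runs (the "Unicode" strings found in Windows binaries and registry data) are located with byte-level regular expressions, and each hit is reported with its file offset, which is the value an examiner needs when going back to the raw evidence. The sample buffer is constructed inline.

```python
import re


def carve_strings(data: bytes, min_len: int = 4):
    """Return (offset, encoding, text) for every printable run of at least
    `min_len` characters, sorted by offset.

    ASCII:    bytes 0x20-0x7E.
    UTF-16LE: the same characters each followed by a NUL byte. The pattern is
    not alignment-checked, so a string starting at an odd offset is still found
    (as in the classic `strings -el`).
    """
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    hits = []
    for m in ascii_re.finditer(data):
        hits.append((m.start(), "ascii", m.group().decode("ascii")))
    for m in utf16_re.finditer(data):
        hits.append((m.start(), "utf-16le", m.group().decode("utf-16-le")))
    hits.sort()
    return hits


def grep_strings(hits, pattern: str):
    """Filter carved strings by a case-insensitive regex over the decoded text."""
    rx = re.compile(pattern, re.IGNORECASE)
    return [h for h in hits if rx.search(h[2])]


# Constructed sample: binary padding, an ASCII path, a UTF-16LE command line,
# a two-character run that is too short to report, and an ASCII key/value.
SAMPLE = (
    b"\x00\x01\x02"
    + b"/bin/sh\x00"
    + b"\x90" * 4
    + "cmd.exe /c whoami".encode("utf-16-le") + b"\x00\x00"
    + b"ab\x00"
    + b"\xff"
    + b"key=s3cr3t\x00"
)

if __name__ == "__main__":
    for off, enc, text in carve_strings(SAMPLE):
        print(f"{off:#08x} {enc:<8} {text}")
```

The UTF-16 pass is what a plain ASCII `strings` misses entirely: a command line such as the one in the sample appears as alternating bytes and never forms an ASCII run of four or more characters.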
https://github.com/raquelfmcardoso/csf-2023-2024-labs
Forensics Cyber-Security - MEIC @ IST 2023/2024. Labs by Guilherme Patrão, Raquel Cardoso and Valentim Santos.
cyber-security fcs forensics-tools
Last synced: 26 Mar 2025
https://github.com/c-sleuth/doc2txt
Tool for extracting the text from .doc files
digital-forensics forensic-analysis forensics forensics-investigations forensics-tools rust rust-lang
Last synced: 04 Jun 2026
https://github.com/janstarke/pol_export
⛔️ DEPRECATED: Use https://github.com/dfir-dd/dfir-toolkit instead
cli deprecated forensic-analysis forensics forensics-tools
Last synced: 07 May 2025
https://github.com/yoerinijs/krex
The German Shepherd for computer forensics
forensics forensics-investigations forensics-tools python3
Last synced: 16 Jun 2026
https://github.com/sirwilliamwallace/usb-forensic-analysis
Digital forensic investigation using Kali Linux on Raspberry Pi to analyze malicious USB payloads (ZIP bombs).
cybersecurity digital-forensics forensics-tools kali-linux malware-analysis raspberry-pi tailscale usb-analysis zip-bomb
Last synced: 30 Apr 2026
https://github.com/c-sleuth/folder-lock-decrypt-android
A tool to decrypt files from the android application "Folder Lock"
android-forensics decryption digital-forensics forensics-investigations forensics-tools rust
Last synced: 25 May 2026
https://github.com/capelabs/ebpf-for-dfir
A lightweight, extensible forensic tool that leverages eBPF to collect real-time system events on Windows for Digital Forensics and Incident Response.
dfir ebpf forensics forensics-tools framework windows
Last synced: 05 May 2026
https://github.com/rtulke/chronika
Chronika is a forensic analysis tool for reading and visualizing different browser histories in a chronological timeline format. Supports Chrome, Firefox, Safari, Brave, Opera, Edge, Vivaldi, Tor Browser, Chromium, LibreWolf and all browsers on Linux and macOS.
brave browser browser-forensic browser-forensics chrome chromium edge firefox forensic forensic-analysis forensics forensics-tools historical historical-data librewolf opera safari vivaldi
Last synced: 06 May 2026
https://github.com/anonfaded/notepaddecoder
Recover and decode unsaved Windows Notepad binary files into readable notes
decoding dfir-automation forensics-tools windows-notepad
Last synced: 19 Sep 2025
https://github.com/couragebforedth/get-uv-logs
A batch script that quickly obtains the relevant forensic info for an UltraViewer compromise.
batch-script dfir-tools forensics-tools
Last synced: 22 Mar 2025