An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with forensics-tools

A curated list of projects in awesome lists tagged with forensics-tools.

https://github.com/mvt-project/mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

android forensics forensics-tools ios mobile security

Last synced: 29 Apr 2026

https://github.com/wagga40/zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

auditd detection evtx evtxtract forensics forensics-tools pysigma python3 sigma sigma-rules sysmon

Last synced: 06 Apr 2026

https://github.com/wagga40/Zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

auditd detection evtx evtxtract forensics forensics-tools pysigma python3 sigma sigma-rules sysmon

Last synced: 12 Jul 2025

https://github.com/bert-janp/incident-response-powershell

PowerShell Digital Forensics & Incident Response Scripts.

forensics-tools incident-response powershell

Last synced: 15 May 2025

https://github.com/Bert-JanP/Incident-Response-Powershell

PowerShell Digital Forensics & Incident Response Scripts.

forensics-tools incident-response powershell

Last synced: 10 Apr 2025

https://github.com/acquiredsecurity/forensic-timeliner

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.

axiom chainsaw digital-forensic-tool digital-forensics-incident-response ez-tools forensic-analysis forensic-timeline forensics-investigations forensics-tools hayabusa nirsoft timelines yaml

Last synced: 26 Feb 2026

https://github.com/mcp-shark/mcp-shark

Wireshark-like forensic analysis for Model Context Protocol communications. Capture, inspect, and investigate all HTTP requests and responses between your IDE and MCP servers.

electron forensic-analysis forensics forensics-tools mcp-protocol monitoring monitoring-tool nodejs security security-audit security-tools traffic-analysis

Last synced: 05 Apr 2026

https://github.com/pawlaszczyk/fqlite

FQLite - SQLite Forensic Toolkit. FQLite is a tool to find and restore deleted records in SQLite databases. It therefore examines the database for entries marked as deleted.

forensics-tools recovery sqlite

Last synced: 04 Feb 2026

https://github.com/andyjsmith/Registry-Spy

Cross-platform registry browser for raw Windows registry files

forensics forensics-tools gui registry windows-forensics

Last synced: 27 Mar 2026

https://github.com/AnonCatalyst/Coeus-OSINT-ToolBox

Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform for seamless OSINT investigations.

data-science data-visualization database forensic-analysis forensics forensics-tools framework information-retrieval infosec osint osint-framework osint-python osint-resources osint-tool osint-toolkit people-search reconnaissance

Last synced: 06 May 2025

https://github.com/fit-project/fit

FIT is a modular suite of Python applications for digital forensic acquisition of online contents such as web pages, emails, social media, and more. Each module can run independently or as part of the full FIT suite.

forensics forensics-tools pyqt6-desktop-application python3

Last synced: 04 Mar 2026

https://github.com/joeavanzato/retrievir

PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.

dfir evidence forensics forensics-investigations forensics-tools incident-response incident-response-tooling powershell

Last synced: 26 Jul 2025

https://github.com/paulveillard/cybersecurity-forensics

A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

cybersecurity digital-forensics forensic-analysis forensics forensics-101 forensics-investigations forensics-tools free open-data open-discovery open-source

Last synced: 07 Jan 2026

https://github.com/andyjsmith/Exe-Spy

ExeSpy is a cross-platform PE viewer for EXE and DLL files

forensics forensics-tools gui pe-file portable-executable windows-forensics

Last synced: 17 Apr 2026

https://github.com/malwaredb/malwaredb-rs

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

cybersecurity forensics-tools hacktoberfest malware malware-analysis malware-research

Last synced: 01 Mar 2026

https://github.com/pjrinaldi/wombatforensics

linux c++, fox-toolkit, multi-threaded forensic gui tool

blake3 cpp forensics-tools fox-toolkit gui linux

Last synced: 10 May 2025

https://github.com/flamusdiu/xleapp

xLEAPP - Merging of iLEAPP/RLEAPP/vLEAPP, ALEAPP, cLEAPP

dfir forensics forensics-tools python3

Last synced: 07 Oct 2025

https://github.com/brazilianscriptguy/windows-sysadmin-prosuite

Enterprise PowerShell & VBScript suite for Active Directory automation, ITSM-aligned provisioning, security hardening, and digital forensics - built for Windows Server and workstation environments by a Senior IAM Analyst with a focus on accuracy, scalability, and compliance.

active-directory active-directory-domain-services activedirectoryapi admin-tools blueteam eventlogs evtx-analisys forensics-tools gpo-policy-security itsm itsm-solutions ldap-authentication-backend organizational-units sysadmin sysadmin-scripts sysadmin-tasks sysadmin-tool windows-server-2019 workstations wsus-maintenance

Last synced: 25 May 2026

https://github.com/light-hat/smart_ids

🧠🛡️ Web service for detecting network attacks in PCAP using ML.

api django django-rest-framework docker forensics forensics-tools machine-learning pcap-analyzer python triton-inference-server

Last synced: 14 Apr 2025

https://github.com/initz3r0/ibex

An iOS backup extraction tool written in Golang

exploitation forensics forensics-tools incident-response ios mobile security

Last synced: 12 Jan 2026

https://github.com/janstarke/ntdsextract2

This aims to be a collection of tools to forensically analyze Active Directory databases

cli forensics forensics-tools rust

Last synced: 09 Apr 2025

https://github.com/zff-team/zff-rs

Library to handle the files in zff format (file format to store and handle forensic acquisitions).

aquisition fileformats forensics forensics-tools rust

Last synced: 17 Mar 2026

https://github.com/MrOctopus/pyWhatsUpp

A forensic tool to automatically extract as many artifacts as possible from the WhatsApp desktop/web client

desktop forensic forensics-tools whatsapp

Last synced: 11 Mar 2025

https://github.com/graphsense/graphsense-lib

A central repository for Python utility functions and all components that interact with the GraphSense backend. The repository provides a CLI interface for managing essential GraphSense maintenance tasks and provides a REST interface used by the frontend (UI). It acts as the core repository, delivering foundational tool

analytics api cryptocurrency forensics-tools

Last synced: 03 Apr 2026

https://github.com/abdullah4345/autochain

AutoChain is a smart Chain of custody creator with the ability to create Forensic images and validate them

chain-of-custody forensics forensics-tools gui-application linux macos python windows

Last synced: 21 Jun 2025

https://github.com/kero99/mftmactime

MFT and USN parser that allows direct extraction in filesystem timeline format (mactime), dump all resident files in the MFT in their original folder structure and run yara rules over them all.

forensics-tools mft ntfs ntfs-ads ntfs-journal python

Last synced: 11 May 2025

https://github.com/vrikodar/trishul

Trishul searches for sensitive data with options to specify custom files and custom keywords to look for in the filesystem

api-keys data-search forensics-tools password-finder sensitive-data-security

Last synced: 14 Jun 2025

https://github.com/alicangnll/pyshadow

PyShadow — Python ShadowCopy Analyzer for Forensic and Data Rescue

cyber-security cybersecurity file-recovery forensic forensic-analysis forensics-tools foresics shadowcopy

Last synced: 07 Apr 2026

https://github.com/devzinh/ghosttrace

Windows forensic scanner. Finds what "Uninstall" leaves behind.

blue-team cli dfir forensics-tools malware-analysis mitre-attack security-tools software windows windows-forensics

Last synced: 25 Jun 2026

https://github.com/ctkqiang/lqz

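灵取证 is a powerful, professional data forensics tool for Android devices, designed and developed specifically for law enforcement agencies, judicial bodies and security investigators. The tool uses advanced forensic techniques to ensure the integrity and accuracy of the data extraction process. Its development and use strictly follow the applicable legal and regulatory framework, ensuring that all data extraction operations are carried out within the scope of lawful authorization. Through a professional data processing workflow, it provides reliable digital evidence support for law enforcement investigations.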

adb android china chinese chinese-characters cpp ctkqiang cybersecurity database forensics forensics-tools hacking mobile networking transfer-data

Last synced: 24 Jul 2025

https://github.com/neerajlovecyber/raw-dump-tool-v2

This is a Rust & React - based Graphical User Interface (GUI) Memory Dumping Forensics Tool, lovingly crafted by Neeraj Singh.

forensics-tools ram-dump winpmem

Last synced: 29 Jun 2026

https://github.com/thomasvogl/xwf-api-rs

Unofficial Rust Bindings for X-Ways Forensics X-Tension API

ffi-bindings forensics-tools rust rust-lang x-tension x-ways

Last synced: 09 Jul 2025

https://github.com/flexidriod/packet-sniffer-security

🚀 Internet Packet Sniffer - Advanced Network Traffic Analyzer 🔍

cpp forensics-tools intrusion-detection network-analysis npcap-sdk packet-capture packet-sniffer windows-11

Last synced: 02 May 2026

https://github.com/n3rada/sharpnotesreader

A light C# executable that reads Windows 11 Notes from the TabState directory.

csharp execute-assembly forensics-tools notepad offensive-security red-team windows-11

Last synced: 23 Aug 2025

https://github.com/capevace/forensik-viz

Visualization for a forensics project at Leuphana Universität Lüneburg

chats forensic-analysis forensics forensics-tools map vue whatsapp

Last synced: 17 Apr 2026

https://github.com/rusq/jpegrip

JPEG the Ripper: extract JPEG files from unstructured data stream

bsd-3-clause extractor forensic forensics-tools jfif jpeg jpg ripper tool

Last synced: 28 Aug 2025

https://github.com/matthewt0/genai-image-forensics-toolbox

Gen-Image-Forensics is a MATLAB-based project designed for analysing and evaluating the integrity of images. This has been adapted from the Image Forensics MATLAB Toolbox to run on inpainting tampered images with 13 of the 16 available localisation algorithms.

dataset-evaluation digital-forensics digital-forensics-tool-set forensics-tools genai image-forensics inpainting matlab

Last synced: 28 Feb 2026

https://github.com/juanbindez/amonexif-v1.0-rc1

This software extracts metadata from photos.

exif-data-extraction exif-metadata exiftool forensics forensics-tools

Last synced: 15 Apr 2026

https://github.com/sumidcyber/netflowcrafter

This Go code is used to listen to network traffic, monitor and analyze certain protocols. Users can listen to live traffic from a specific network interface, monitor protocols such as TCP, UDP, ICMP, and record traffic. It can be used in various applications such as network security and performance monitoring.

cyber-analytics cybersecurity forensic-analysis forensics-tools malware netowrk-tools network network-analysis network-programming networks nmap scanner

Last synced: 24 Mar 2025

https://github.com/vultair/vultair-platform

An automated tool for forensic investigations of social media accounts. Supports platforms like Facebook, Twitter, Instagram, Telegram, WhatsApp, etc.

android automation data-analysis data-parsing forensics-tools investigation social-media

Last synced: 03 Jun 2026

https://github.com/n0raitor/dfir-installer

Install every tool and every needed software for your DFIR (/SRE/PEN/OSINT/TCI) workstation. This Tool is doing the work for you, everything after installing Windows (and update).

dfir dfir-installer forensic-installer forensics-installer forensics-tools installer malware-analysis malware-analysis-installer malware-analysis-tools offensive-tools pentesting-installer pentesting-tools sre-installer sre-tools tool-installer windows-installer

Last synced: 07 Apr 2026

https://github.com/ctkqiang/LQZ

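灵取证 is a powerful, professional data forensics tool for Android devices, designed and developed specifically for law enforcement agencies, judicial bodies and security investigators. The tool uses advanced forensic techniques to ensure the integrity and accuracy of the data extraction process. Its development and use strictly follow the applicable legal and regulatory framework, ensuring that all data extraction operations are carried out within the scope of lawful authorization. Through a professional data processing workflow, it provides reliable digital evidence support for law enforcement investigations.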

adb android china chinese chinese-characters cpp ctkqiang cybersecurity database forensics forensics-tools hacking mobile networking transfer-data

Last synced: 01 Apr 2025

https://github.com/robyfirnandoyusuf/binparse

Simple Recycle Bin Forensic Tool Written with ❤ Rust

forensics forensics-tools recycle-bin

Last synced: 05 Oct 2025

https://github.com/prvvv/chromeforensics

Different code samples for Chrome browser analysis & post exploitation

chrome chrome-devtools exploit forensic forensics forensics-tools hacking password post-exploitation

Last synced: 03 Jan 2026

https://github.com/f0x4n6/strings

ASCII and Unicode string carving tool.

ascii binary carving file forensic-tools forensics-tools go strings unicode

Last synced: 02 Apr 2026

https://github.com/gustavo-iniguez-goya/decloaker

A simple tool to uncover files, directories, and connections hidden by malware.

forensic-analysis forensics-tools linux-security malware-detection rootkit-detection security-scanner

Last synced: 25 Apr 2026

https://github.com/shockz-offsec/forencics-recompiler-linux

This script gathers a large part of the information that is usually obtained from a Linux system for an expert examination or forensic analysis. In addition, all the information will be signed with SHA256.

automation bash dfir dfir-automation forensic-examinations forensics forensics-tools linux recompilation unix

Last synced: 09 May 2026

https://github.com/dfir-dd/kirby

A script to parse several forensic artifacts of given Windows (triage) images, using dissect

cli dfir digital-forensics dissect forensics forensics-tools python

Last synced: 27 Mar 2025

https://github.com/foxforensics/bootkey

Extract the BootKey from an offline system hive.

bootkey extract forensic-tool forensics-tools go registry system windows

Last synced: 18 Jun 2026

https://github.com/brazilianscriptguy/brazilianscriptguy

Windows Server Active Directory IT automation cybersecurity PowerShell VBScript enterprise IT infrastructure scripting system administration identity management secure environments automation tools open-source digital forensics.

ad-authentecation blueteam eventlogs evtx-analisys forensics-tools group-policy-object iam-authentication itsm-intelligent-automation sso-authentication windows-desktop windows-server-2019 wsus-maintenance

Last synced: 15 Jan 2026

https://github.com/b0lg0r0v/orion

Orion is a TCP/IP Forensics Tool, written in C, capable of detecting malicious processes / connections on Windows hosts by using the VirusTotal API.

connections-monitoring forensics forensics-tools ip-analysis malicious-connections malicious-detection malicious-processes monitoring-systems windows-process

Last synced: 28 Mar 2025

https://github.com/pouriyajamshidi/fwmonitor

for network traffic analysis, displays your iptables, UFW, or any application that logs in the same format, in a pleasant way.

forensics-tools iptables linux network security security-tools

Last synced: 17 Apr 2026

https://github.com/raquelfmcardoso/csf-2023-2024-labs

Forensics Cyber-Security - MEIC @ IST 2023/2024. Labs by Guilherme Patrão, Raquel Cardoso and Valentim Santos.

cyber-security fcs forensics-tools

Last synced: 26 Mar 2025

https://github.com/janstarke/pol_export

⛔️ DEPRECATED: Use https://github.com/dfir-dd/dfir-toolkit instead

cli deprecated forensic-analysis forensics forensics-tools

Last synced: 07 May 2025

https://github.com/yoerinijs/krex

The German Shepherd for computer forensics

forensics forensics-investigations forensics-tools python3

Last synced: 16 Jun 2026

https://github.com/sirwilliamwallace/usb-forensic-analysis

Digital forensic investigation using Kali Linux on Raspberry Pi to analyze malicious USB payloads (ZIP bombs).

cybersecurity digital-forensics forensics-tools kali-linux malware-analysis raspberry-pi tailscale usb-analysis zip-bomb

Last synced: 30 Apr 2026

https://github.com/c-sleuth/folder-lock-decrypt-android

A tool to decrypt files from the Android application "Folder Lock"

android-forensics decryption digital-forensics forensics-investigations forensics-tools rust

Last synced: 25 May 2026

https://github.com/capelabs/ebpf-for-dfir

A lightweight, extensible forensic tool that leverages eBPF to collect real-time system events on Windows for Digital Forensics and Incident Response.

dfir ebpf forensics forensics-tools framework windows

Last synced: 05 May 2026

https://github.com/rtulke/chronika

Chronika is a forensic analysis tool for reading and visualizing different browser histories in a chronological timeline format. Supports Chrome, Firefox, Safari, Brave, Opera, Edge, Vivaldi, Tor Browser, Chromium, LibreWolf and all browsers on Linux and macOS.

brave browser browser-forensic browser-forensics chrome chromium edge firefox forensic forensic-analysis forensics forensics-tools historical historical-data librewolf opera safari vivaldi

Last synced: 06 May 2026

https://github.com/anonfaded/notepaddecoder

Recover and decode unsaved Windows Notepad binary files into readable notes

decoding dfir-automation forensics-tools windows-notepad

Last synced: 19 Sep 2025

https://github.com/couragebforedth/get-uv-logs

A batch script that quickly obtains the relevant forensic info for an UltraViewer compromise.

batch-script dfir-tools forensics-tools

Last synced: 22 Mar 2025