Pinned Repositories
autopsy
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Autopsy-WindowsRegistryContentViewer
Willi Ballenthin's module to view the registry as a content viewer. This has been moved into part of the core Autopsy release and is no longer needed as an add-on module.
Autopsy-WindowsRegistryIngestModule
Will Ballenthin's module to extract all registry key/values as files during ingest. He is no longer maintaining it and we made some minor updates.
autopsy_addon_modules
Repo to store compiled modules or links to 3rd party add-on modules.
hadoop_framework
This is a prototype system that uses Hadoop to process hard drive images.
libewf_64bit
Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.
libvhdi_64bit
64-bit / VS 2015 version of libvhdi (https://github.com/libyal/libvhdi)
libvmdk_64bit
64-bit / VS 2015 version of libvmdk (https://github.com/libyal/libvmdk)
scalpel
Scalpel is an open source data carving tool. It is not being actively maintained.
sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
The Sleuth Kit's Repositories
sleuthkit/sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
sleuthkit/autopsy
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
sleuthkit/scalpel
Scalpel is an open source data carving tool. It is not being actively maintained.
sleuthkit/autopsy_addon_modules
Repo to store compiled modules or links to 3rd party add-on modules.
sleuthkit/hadoop_framework
This is a prototype system that uses Hadoop to process hard drive images.
sleuthkit/libewf_64bit
Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.
sleuthkit/Autopsy-WindowsRegistryContentViewer
Willi Ballenthin's module to view the registry as a content viewer. This has been moved into part of the core Autopsy release and is no longer needed as an add-on module.
sleuthkit/Autopsy-WindowsRegistryIngestModule
Will Ballenthin's module to extract all registry key/values as files during ingest. He is no longer maintaining it and we made some minor updates.
sleuthkit/libvhdi_64bit
64-bit / VS 2015 version of libvhdi (https://github.com/libyal/libvhdi)
sleuthkit/libvmdk_64bit
64-bit / VS 2015 version of libvmdk (https://github.com/libyal/libvmdk)
sleuthkit/JavaStixBindings
We needed some jaxb bindings for STIX for an Autopsy module. This is temporary code until the official MITRE Java bindings are published.
sleuthkit/libvmdk
Library and tools to access the VMware Virtual Disk (VMDK) format
sleuthkit/sleuthkit.github.com
website
sleuthkit/governance
sleuthkit/libewf-legacy
Legacy version of libewf
sleuthkit/sevenzipjbinding
7-Zip-JBinding
sleuthkit/yara-java
Java bindings for Yara