digital-forensics

There are 252 repositories under digital-forensics topic.

cugu/awesome-forensics
A curated list of awesome forensic analysis tools and resources
3.6k 167 10593
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Language:Scala3.2k 168 2.4k601
Velocidex/velociraptor
Digging Deeper....
Language:Go2.7k 71 1.1k456
simsong/tcpflow
TCP/IP packet demultiplexer. Download from:
Language:C++1.6k 80 176239
stuxnet999/MemLabs
Educational, CTF-styled labs for individuals interested in Memory Forensics
Language:Shell1.6k 48 3198
mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Language:Python1.5k 30 5173
yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Language:Python1.3k 49 51145
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
Language:Scala1.3k 58 439214
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
Language:Python1.1k 20 49170
rezaduty/cybersecurity-career-path
Cybersecurity Career Path
961 26 5142
dfir-iris/iris-web
Collaborative Incident Response platform
Language:JavaScript955 26 303146
spieglt/whatfiles
Log what files are accessed by any Linux process
Language:C937 15 732
mesquidar/ForensicsTools
A list of free and open forensics analysis tools and other resources
916 32 3132
sepinf-inc/IPED
IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.
Language:Java863 64 1.4k208
darkquasar/AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Language:PowerShell765 21 384
DFIRKuiper/Kuiper
Digital Forensics Investigation Platform
Language:JavaScript725 34 69110
ashemery/LinuxForensics
Everything related to Linux Forensics
Language:Shell666 27 191
AvillaDaniel/AvillaForensics
Avilla Forensics 3.0
Language:C#625 36 14135
dfirtrack/dfirtrack
DFIRTrack - The Incident Response Tracking Application
Language:Python468 25 3575
ivbeg/awesome-forensicstools
Awesome list of digital forensic tools
455 23 081
TheHive-Project/Cortex-Analyzers
Cortex Analyzers Repository
Language:Python418 50 688371
evild3ad/MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Language:PowerShell414 20 2747
TheHive-Project/TheHiveDocs
Documentation of TheHive
391 48 156284
vm32/Linux-Incident-Response
practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
Language:Shell336 6 148
cyb3rmik3/MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
308 10 235
RealityNet/kobackupdec
Huawei backup decryptor
Language:Python282 19 083
SecurityBrewery/catalyst
Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
Language:Go279 5 3934
MK-Ware/Forensic-Tools
A collection of tools for forensic analysis
Language:Python270 20 171
digitalisx/awesome-memory-forensics
A curated list of awesome Memory Forensics for DFIR
264 6 434
forensicanalysis/artifactcollector
🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
Language:Go246 9 2419
6abd/horus
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
Language:Python238 6 921
dfir-dd/dfir-toolkit
CLI tools for forensic investigation of Windows artifacts
Language:Rust238 5 1520
evild3ad/Collect-MemoryDump
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
Language:PowerShell211 6 226
Psmths/windows-forensic-artifacts
Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
209 10 124
TheHive-Project/TheHive4py
Python API Client for TheHive
Language:Python208 32 191144
Velocidex/c-aff4
An AFF4 C++ implementation.
Language:C++182 18 6334

digital-forensics

cugu/awesome-forensics

TheHive-Project/TheHive

Velocidex/velociraptor

simsong/tcpflow

stuxnet999/MemLabs

mikeroyal/Digital-Forensics-Guide

yampelo/beagle

TheHive-Project/Cortex

emalderson/ThePhish

rezaduty/cybersecurity-career-path

dfir-iris/iris-web

spieglt/whatfiles

mesquidar/ForensicsTools

sepinf-inc/IPED

darkquasar/AzureHunter

DFIRKuiper/Kuiper

ashemery/LinuxForensics

AvillaDaniel/AvillaForensics

dfirtrack/dfirtrack

ivbeg/awesome-forensicstools

TheHive-Project/Cortex-Analyzers

evild3ad/MemProcFS-Analyzer

TheHive-Project/TheHiveDocs

vm32/Linux-Incident-Response

cyb3rmik3/MDE-DFIR-Resources

RealityNet/kobackupdec

SecurityBrewery/catalyst

MK-Ware/Forensic-Tools

digitalisx/awesome-memory-forensics

forensicanalysis/artifactcollector

6abd/horus

dfir-dd/dfir-toolkit

evild3ad/Collect-MemoryDump

Psmths/windows-forensic-artifacts

TheHive-Project/TheHive4py

Velocidex/c-aff4