digitalforensics
There are 74 repositories under the digitalforensics topic.
mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
stuhli/awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
AndrewRathbun/DFIRMindMaps
A repository of DFIR-related Mind Maps geared towards the visual learners!
BSI-Bund/RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Correia-jpv/fucking-awesome-incident-response
A curated list of tools for incident response. With repository stars⭐ and forks🍴
cclgroupltd/ccl_chromium_reader
(Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications.
Gadzhovski/TRACE-Forensic-Toolkit
Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
AndrewRathbun/Awesome-KAPE
A curated list of KAPE-related resources
AndrewRathbun/DFIRRegex
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
EZToolsManuals/EZToolsManuals
A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
uttambodara/TryHackMeRoadmap
A list of 350+ free TryHackMe rooms💻 to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-building!💀💥
Digital-Forensics-Discord-Server/ArtifactParsers
A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
AndrewRathbun/KAPE-EZToolsAncillaryUpdater
A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools
AndrewRathbun/DFIRPowerShellScripts
Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
AndrewRathbun/VanillaWindowsRegistryHives
A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.
AndrewRathbun/EventTranscript.db-Research
A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
umair9747/headmail
A tool designed to analyse email headers
AndrewRathbun/Anti-Forensics-VHDX
A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add.
CH-CLARK/WalletSleuth
Cryptocurrency Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications!
AndrewRathbun/ForensicImageKAPEOutput
A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
txuswashere/Digital-Forensics
Digital Forensics Essentials (DFE)
jagdishpatil2111/OverwatchINT
OverWatchINT is an Open Source Intelligence and All-in-One Hacking Tool. Its purpose is to reduce the time and effort of security researchers and cyber experts.
mawg0ud/FaceGuard
A framework to detect & localize facial image manipulation.
umair9747/infosec-arsenal
A curated list of tools which you can use in Infosec!
arharif/Digital_Forensics
🕵️ Digital forensics
4n6kween/PlistParser
Property List Timestamp Parser 4 forensics && fun.
AndrewRathbun/WMI-Parser
An updated fork of @woanware's WMI-Parser project
BrandonQ3/Digital-Forensics-Scenario
Scenario: Digital Forensics, completed a final report to present findings. Gathered evidence from an iPhone image file. Looking at WiFi and GPS info, photos and conversations, analyzed the evidence and created timestamps using autopsy.
Cizr/PerlCodingToolkit
This repository contains a diverse collection of Perl scripts and utilities designed to assist developers in various aspects of programming and problem-solving.
hashlookup/hashlookup-format
Common output format for hashlookup
Lynk4/Advent-of-Cyber-2023
THM DESCRIPTION: Get started with Cyber Security in 24 Days - Learn the basics by doing a new, beginner friendly security challenge every day leading up to Christmas.
Prashant-Bhapkar/Digital-Forensic
Curated list of Digital Forensic Tools and Resources.
AndrewRathbun/Get-UsnJrnlInfo
A fork of @evild3ad's Get-UsnJrnlInfo PowerShell Script. Very minor changes for the purpose of a KAPE Module. Gathers information from an extracted $Max file
asiamina/cyberforensics
Educational Course on Cyber Forensics
sahilchavhan/Digital_forensics
This repository contains a comprehensive collection of notes on various aspects of digital forensics, designed to serve as a valuable resource for students, professionals, and enthusiasts in the field. The notes cover fundamental concepts, types of digital evidence, email forensics, forensic duplication, and the creation and analysis of forensic im