forensic-analysis
There are 222 repositories under forensic-analysis topic.
cugu/awesome-forensics
⭐️ A curated list of awesome forensic analysis tools and resources
Srinivas11789/PcapXray
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
ahmedkhlief/APT-Hunter
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
B16f00t/whapa
WhatsApp Parser Toolset v1.59
mesquidar/ForensicsTools
A list of free and open forensics analysis tools and other resources
dfir-iris/iris-web
Collaborative Incident Response platform
shadawck/awesome-anti-forensic
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
AvillaDaniel/AvillaForensics
Avilla Forensics 3.0
swwwolf/wdbgark
WinDBG Anti-RootKit Extension
ivbeg/awesome-forensicstools
Awesome list of digital forensic tools
m14r41/PentestingEverything
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
dfir-dd/dfir-toolkit
CLI tools for forensic investigation of Windows artifacts
Psmths/windows-forensic-artifacts
Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
MK-Ware/Forensic-Tools
A collection of tools for forensic analysis
JohnLaTwC/PyPowerShellXray
Python script to decode common encoded PowerShell scripts
Viralmaniar/Remote-Desktop-Caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
EC-DIGIT-CSIRC/sysdiagnose
Forensic toolkit for iOS sysdiagnose feature
dogoncouch/logdissect
CLI utility and Python module for analyzing log files and other data.
Gadzhovski/TRACE-Forensic-Toolkit
TRACE is a digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
CScorza/Analisi-Digital-Forense
Strumenti di Acquisizione e Analisi di copie Forensi
xiosec/Computer-forensics
The best tools and resources for forensic analysis.
DavidJacobson/SafeText
Script to remove homoglyphs and zero-width characters to allow for safe distribution of documents from anonymous sources.
cado-security/rip_raw
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
hashlookup/hashlookup-forensic-analyser
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
AnonCatalyst/Coeus-OSINT-ToolBox
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform for seamless OSINT investigations.
chriswmorris/Metaforge
An OSINT Metadata analyzing tool that filters through tags and creates reports
ChmaraX/forensix
Google Chrome forensic tool to process, analyze and visualize browsing artifacts
resurrecting-open-source-projects/dcfldd
Enhanced version of dd for forensics and security
enferex/pdfresurrect
Analyze and help extract older "hidden" versions of a pdf from the current pdf.
AdamWhiteHat/Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
lxndrblz/forensicsim
A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.
bitranox/fingerprint
Monitoring Registry and File Changes in Windows
merces/entropy
CLI program to calculate the entropy of files