sleuthkit

There are 21 repositories under sleuthkit topic.

  • sleuthkit/sleuthkit

    The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

    Language:C++2.9k173686661

  • sumeshi/ntfsfind

    An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.

    Language:Python28031

  • sumeshi/ntfsdump

    An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.

    Language:Python22384

  • shujianyang/btrForensics

    Forensic Analysis Tool for Btrfs File System.

    Language:C++21331

  • wv8672/digital-forensics-labs

    A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.

    13208

  • nov3mb3r/dfir

    Collection of popular DFIR tools in a lightweight and fast docker image

    Language:Dockerfile12101

  • isciurus/sleuthkit

    A fork of The Sleuthkit with XFS filesystem support. See PR https://github.com/sleuthkit/sleuthkit/pull/1476 for more info.

    Language:C11202

  • nannib/NBTEMPOW

    NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.

    Language:Pascal8505

  • Sim4n6/Slack_handler

    Python tool to extract File slacks from disk images.

    Language:Python5100

  • franckferman/DataDetective

    🕵️‍♂️ Unlock the story hidden in data - Your digital investigation partner. TheSleuthKit (TSK) Python Wrapper.

    Language:Python4100

  • tanner-g/iKnowdeDiscovery

    Forensic Inode Analysis

    Language:Python43260

  • Deepak710/python-sleuthkit-recover

    Linux command line thumbstick file recovery script using SleuthKit

    Language:Python3111

  • HyperHamster/sleuthkit-recoverdir

    A Bash script that utilizes The Sleuth Kit to recover directories in their entirety

    Language:Shell3101

  • turulomio/recovermypartition

    Recover normal and deleted files from a partition

    Language:Python310

  • CERT-EDF/fossil

    A post-mortem analysis tool for raw disk/partition images

    Language:Python1

  • erfanghorbanee/DigitalForensics-UNIGE

    Solutions to some assignments of the Digital Forensics course that I took during my master's degree at UNIGE (University of Genova).

    110

  • labcif/autopsy-packager

    Automatic Github Workflows packager for autopsy

    Language:Shell1373

  • sumeshi/sleuthkit-mactime.py

    A Python reimplementation of mactime.pl from The Sleuth Kit®.

    Language:Perl11

  • tgmars/flshell

    An interactive shell for The Sleuth Kit's fls tool.

    Language:Go1100

  • usrtem/Digital-Forensics-Labwork

    A collection of digital forensics lab reports covering Linux artifact recovery, shell history analysis, bash script forensics, and incident reconstruction using tools like SleuthKit, Auditd, and command-line utilities.

    1000
  • TSKConnector

    sequence-sh/TSKConnector

    This repository is a mirror of https://gitlab.com/sequence/connectors/tsk

    Language:C#20