awesome-forensics
A curated list of awesome forensic analysis tools and resources
3767cc0-1.0
6 months ago
computer-forensicsdfirdigital-forensics
sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forens
C2544
4 months ago
forensicsincident-responsentfs
joy
A package for capturing and analyzing network flow data and intraflow data, for
C1308other
8 months ago
Kuiper
Digital Forensics Investigation Platform
JavaScript745
4 months ago
artifactsdfirdigital-forensics
dissect
Dissect is a digital forensics & incident response framework and toolset that al
882agpl-3.0
5 months ago
dfirdissectpython
dfir-orc
Forensics artefact collection tool for systems running Microsoft Windows
C++364lgpl-2.1
5 months ago
collectiondfirincident-response
hindsight
Web browser forensics for Google Chrome/Chromium
Python1047apache-2.0
6 months ago
chromedfirforensics
diffy
:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric securit
Python632apache-2.0
10 months ago
dfirforensicssecurity
awesome-event-ids
Collection of Event ID ressources useful for Digital Forensics and Incident Resp
569mit
5 months ago
dfirdigitalforensicsforensics
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generat
Rust2113gpl-3.0
4 months ago
attackcybersecuritydetection
awesome-anti-forensic
Tools and packages that are used for countering forensic activities, including e
HTML701other
12 months ago
anti-forensicanti-forensicsantiforensics
mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devi
Python10130other
3 months ago
androidforensicsforensics-tools
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do
Python10398apache-2.0
3 months ago
awsazurecis-benchmark
SPECTR3
Forensic tool for acquisition, triage and analysis of remote block devices via i
C#36lgpl-3.0
9 months ago
acquisitioncybersecurityforensics
timesketch
Collaborative forensic timeline analysis
Python2616apache-2.0
13 days ago
analysisdfirforensics
dftimewolf
A framework for orchestrating forensic collection, processing and data export
Python289apache-2.0
3 months ago
chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
Rust2664gpl-3.0
4 months ago
attackblueteamchainsaw
acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a liv
Python83agpl-3.0
4 months ago
docker-explorer
A tool to help forensicate offline docker acquisitions
Python529apache-2.0
2 months ago
dockerforensics
PowerForensics
PowerForensics provides an all in one platform for live disk forensic analysis
C#1385mit
last year
LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisit
C1679gpl-2.0
5 months ago
inVtero.net
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Inclu
C#277agpl-3.0
last year
attestationcloud-computingforensics
IRTriage
Incident Response Triage - Windows Evidence Collection for Forensic Analysis
AutoIt127
9 years ago
ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host fo
Batchfile459other
4 years ago
bashbatchcybersecurity
swiftGuard
Anti-forensic macOS tray application designed to safeguard your system by monito
Python332gpl-3.0
last year
anti-forensicsdefensive-securitymacos
imagemounter
Command line utility and Python package to ease the (un)mounting of forensic dis
Python116mit
2 years ago
pcapfex
'Packet Capture Forensic Evidence eXtractor' is a tool that finds and extracts f
Python212apache-2.0
5 years ago
artifactcollector
🚨 The artifactcollector is a customizable agent to collect forensic artifacts o
Go258mit
last year
dfirdigital-forensicsforensicartifacts
CDQR
The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic arti
Python330gpl-3.0
2 years ago