awesome-forensics
A curated list of awesome forensic analysis tools and resources
3577 · cc0-1.0
last month
computer-forensics, dfir, digital-forensics
sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forens
C · 2473
7 days ago
forensics, incident-response, ntfs
joy
A package for capturing and analyzing network flow data and intraflow data, for
C · 1280 · other
28 days ago
Kuiper
Digital Forensics Investigation Platform
JavaScript · 720
4 months ago
artifacts, dfir, digital-forensics
dissect
Dissect is a digital forensics & incident response framework and toolset that al
853 · agpl-3.0
18 days ago
dfir, dissect, python
dfir-orc
Forensics artefact collection tool for systems running Microsoft Windows
C++ · 356 · lgpl-2.1
3 months ago
collection, dfir, incident-response
hindsight
Web browser forensics for Google Chrome/Chromium
Python · 1016 · apache-2.0
last month
chrome, dfir, forensics
diffy
:no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric securit
Python · 636 · apache-2.0
4 months ago
dfir, forensics, security
awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Resp
540 · mit
5 months ago
dfir, digitalforensics, forensics
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generat
Rust · 1937 · gpl-3.0
9 days ago
attack, cybersecurity, detection
awesome-anti-forensic
Tools and packages that are used for countering forensic activities, including e
HTML · 658 · other
5 months ago
anti-forensic, anti-forensics, antiforensics
inVtero.net
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Inclu
C# · 276 · agpl-3.0
7 months ago
attestation, cloud-computing, forensics
mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devi
Python · 9789 · other
10 days ago
android, forensics, forensics-tools
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do
Python · 9554 · apache-2.0
8 hours ago
aws, azure, cis-benchmark
SPECTR3
Forensic tool for acquisition, triage and analysis of remote block devices via i
C# · 32 · lgpl-3.0
3 months ago
acquisition, cybersecurity, forensics
timesketch
Collaborative forensic timeline analysis
Python · 2424 · apache-2.0
4 months ago
analysis, dfir, forensics
swiftGuard
Anti-forensic macOS tray application designed to safeguard your system by monito
Python · 301 · gpl-3.0
6 months ago
anti-forensics, defensive-security, macos
dftimewolf
A framework for orchestrating forensic collection, processing and data export
Python · 273 · apache-2.0
4 days ago
chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
Rust · 2547 · gpl-3.0
14 days ago
attack, blueteam, chainsaw
artifactcollector
🚨 The artifactcollector is a customizable agent to collect forensic artifacts o
Go · 238 · mit
6 months ago
dfir, digital-forensics, forensicartifacts
acquire
acquire is a tool to quickly gather forensic artifacts from disk images or a liv
Python · 75 · agpl-3.0
3 days ago
docker-explorer
A tool to help forensicate offline docker acquisitions
Python · 507 · apache-2.0
9 months ago
docker, forensics
PowerForensics
PowerForensics provides an all in one platform for live disk forensic analysis
C# · 1358 · mit
5 months ago
LiME
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisit
C · 1634 · gpl-2.0
25 days ago
IRTriage
Incident Response Triage - Windows Evidence Collection for Forensic Analysis
AutoIt · 123
8 years ago
ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host fo
Batchfile · 447 · other
3 years ago
bash, batch, cybersecurity
imagemounter
Command line utility and Python package to ease the (un)mounting of forensic dis
Python · 111 · mit
last year
pcapfex
'Packet Capture Forensic Evidence eXtractor' is a tool that finds and extracts f
Python · 208 · apache-2.0
4 years ago
CDQR
The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic arti
Python · 327 · gpl-3.0
2 years ago