⭐️ A curated list of awesome forensic analysis tools and resources
-
Updated
Feb 2, 2025
#
computer-forensics
Here are 41 public repositories matching this topic...
❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
python network-diagram security pcap packets network tor traffic forensics cybersecurity computer-forensics forensic-analysis tor-traffic
-
Updated
Mar 28, 2022 - Python
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
macos linux shell freebsd security terminal openbsd script esxi incident-response forensics dfir netscaler collector netbsd solaris aix triage computer-forensics live-response
-
Updated
Feb 5, 2025 - Shell
The best tools and resources for forensic analysis.
security analysis scanner hacking forensics digital-forensics computer-forensics forensic-analysis security-tools forensics-tools
-
Updated
Feb 24, 2023
-
Updated
Dec 23, 2024
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
-
Updated
Jan 18, 2022 - Python
This will compile a list of Android, iOS, Linux malware techniques for attacking and detection purposes.
-
Updated
Nov 29, 2022
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
linux freebsd security unix openbsd script esxi incident-response posix forensics dfir solaris triage computer-forensics blueteam dfir-automation live-response forensics-tools
-
Updated
Jan 1, 2025 - Shell
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
docker dockerfile ubuntu docker-compose makefile systemd cybersecurity bug-bounty security-vulnerability kali-linux vulnerability-detection vulnerability-scanners kali computer-forensics security-tools docker-kali-linux buildkit pentesting-tools trivy
-
Updated
Sep 18, 2024 - Dockerfile
A Volatility plugin for finding sqlite database rows
-
Updated
Jul 14, 2019 - Python
LiveDiff is a portable system-level differencing tool for Microsoft Windows-based operating systems
-
Updated
Dec 7, 2018 - C#
Extract valid or partially valid domain names and IPs from malicious or invalid URLs.
python url security extractor incident-response domain penetration-testing ip bug-bounty threat-hunting domain-name ethical-hacking computer-forensics threat-intelligence red-team-engagement defensive-security
-
Updated
Jun 19, 2023 - Python
The forensic analysis write-up / walkthrough for forensic disk image.
-
Updated
Jul 23, 2022
Dump a process memory and extract data based on regular expressions.
windows security c-plus-plus incident-response reverse-engineering penetration-testing bug-bounty threat-hunting offensive-security ethical-hacking computer-forensics red-team-engagement defensive-security dump-memory windows-penetration-testing
-
Updated
Apr 25, 2023 - C++
CellXML-Registry.exe is a portable Windows tool that parses an offline Windows Registry hive file and converts it to the RegXML format. CellXML-Registry leverages the Registry parser project by Eric Zimmerman to aid in parsing the Registry structure.
-
Updated
Jun 19, 2018 - C#
CFREDS case study for subject code: CTMTCS S2 P2
-
Updated
Nov 6, 2022
A python-based tool to extract forensic info from ActivitiesCache.db (Windows Activity Timeline)
-
Updated
May 3, 2023 - Python
An updated C# port of X-Ways X-Tensions API.
-
Updated
Mar 12, 2018 - C#
Avilla Forensics 3.0: Avilla Forensics is a comprehensive and feature-rich tool for mobile forensics, offering a wide range of functionalities for both Android and iOS devices. The tool’s integration with various third-party tools enhances its capabilities.
android ios mobile forensics digital-forensics computer-forensics forensic-analysis cell-phone mobile-forensics forensics-tools ios-forensics android-forensics cell-phone-forensics computer-forensics-lab digital-forensics-lab mobile-forensic-examination
-
Updated
Jun 10, 2024 - C#
Guymager is a free forensic imager for media acquisition. It is based on libewf and libguytools.
-
Updated
Feb 23, 2022 - C++
Improve this page
Add a description, image, and links to the computer-forensics topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the computer-forensics topic, visit your repo's landing page and select "manage topics."