A curated list of awesome forensic analysis tools and resources
-
Updated
Apr 13, 2022
#
forensic-analysis
Here are 150 public repositories matching this topic...
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
-
Updated
Apr 9, 2022 - Python
WhatsApp Parser Toolset v1.59
-
Updated
Jun 8, 2022 - Python
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
incident-response
python3
threat-hunting
windows-eventlog
forensic-analysis
purpleteam
windows-event-logs
apt-attacks
-
Updated
Apr 11, 2022 - Python
WinDBG Anti-RootKit Extension
windows
c-plus-plus
visual-studio
malware
driver
kernel-mode
crash-dump
windbg
malware-analysis
windbg-extension
malware-research
forensic-analysis
debugging-tool
memory-forensics
anomaly-detection
anti-rootkit
wdbgark
user-mode
sww
wa-haltables
wa-idt
wa-objtype
wa-ssdt
wa-colorize
wa-checkmsr
wa-pnptable
wa-crashdmpcall
wa-objtypecb
swwwolf
-
Updated
Jul 29, 2020 - C++
A list of free and open forensics analysis tools and other resources
windows
macos
linux
open-source
metadata
tools
timeline
network
forensics
free
awesome-list
image-analysis
digital-forensics
forensic-analysis
metada
forensics-investigations
computer-fore
forensic-tools
-
Updated
Aug 12, 2021
Awesome list of digital forensic tools
metadata
awesome
forensics
awesome-list
digital-forensics
forensic-analysis
investigative-journalism
-
Updated
Nov 16, 2020
A collection of tools for forensic analysis
python
metadata
firefox
chrome
facebook
parse
cookie
skype
exif
forensics
facebook-messenger
whatsapp
exif-data-extraction
digital-forensics
html-table
metadata-extraction
forensic-analysis
metadata-extractor
exif-metadata
extract-metadata
exif-extractor
-
Updated
Sep 12, 2019 - Python
Python script to decode common encoded PowerShell scripts
-
Updated
Jun 13, 2018 - Python
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
hacking
forensics
penetration-testing
infrastructure-monitoring
forensic-analysis
blueteam
hacking-attack-tools
internal-pentest
redteaming
blue-team
redteam
hacking-tools
purpleteam
forensics-investigations
-
Updated
Aug 4, 2018 - Python
7
cmcaine
commented
Jan 1, 2018
Otherwise I can fingerprint on diacritic form, ligatures, etc.
I don't know if it also removes the homoglyphs. Might want to look into that.
NFKC does change the appearance of the text a bit if you're using display variants e.g. blacktype h Vs Latin h, but NFC normalisation permits too many fingerprinting options.
CLI utility and Python module for analyzing log files and other data.
cli
security
parser
json
data-science
library
log-analysis
module
parsing
command-line
python-library
syslog
forensics
data-analysis
python-modules
log-parser
parsing-library
forensic-analysis
python-module
-
Updated
Feb 8, 2021 - Python
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.
security
awesome
cybersecurity
awesome-list
antiforensics
forensic-analysis
anti-forensics
anti-forensic
-
Updated
Oct 31, 2021
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
-
Updated
Jan 31, 2022 - Python
An OSINT Metadata analyzing tool that filters through tags and creates reports
-
Updated
Mar 18, 2019 - Python
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
security
csharp
scanner
forensics
antivirus
threat-hunting
query-language
yara
forensic-analysis
yara-rules
mft
yara-scanner
forensics-investigations
threat-monitor
forensics-level-scanning
-
Updated
May 24, 2022 - C
Rootkit Detector for UNIX
-
Updated
Oct 30, 2021 - C
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
-
Updated
Nov 18, 2021 - Python
Avilla Forensics 3.0
android
ios
instagram
mobile
telegram
adb
adb-commands
forensics
whatsapp
signal
devices
digital-forensics
apktool
forensic-analysis
downgrade
whatsapp-parser
downgrade-attack
extrator
mobile-forensics
forensics-tools
-
Updated
May 3, 2022
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
bloom-filter
dfir
nsrl
forensic-analysis
forensics-investigations
dfir-automation
nsrllookup
hashlookup
-
Updated
May 7, 2022 - Python
Monitoring Registry and File Changes in Windows
windows
registry
hacking
windows-10
python3
forensics
windows-7
hacking-tool
registry-hacks
forensic-analysis
registry-scripts
procmon
forensic-examinations
forensic
registry-data
hacking-tools
hacking-code
forensics-investigations
hackingtool
hackingtools
-
Updated
Mar 29, 2022 - Python
Analyze and help extract older "hidden" versions of a pdf from the current pdf.
-
Updated
Aug 31, 2021 - C
CLI program to calculate file entropy
-
Updated
Mar 7, 2022 - C++
The Python implementation of the AFF4 standard.
-
Updated
Apr 28, 2022 - Python
Alcide Kubernetes Audit Log Analyzer - Alcide kAudit
-
Updated
Jul 8, 2021 - Shell
CIRCL system forensic tools or a jumble of tools to support forensic
-
Updated
Sep 25, 2019 - Python
VFRAME: Visual Forensics and Metadata Extraction
redaction
image-classification
object-detection
forensic-analysis
vframe
face-blur
image-search-engine
dnn-inference
-
Updated
Mar 28, 2022 - Python
Case Studies on Forensic Accounting using Data Analysis
-
Updated
Jan 10, 2019 - Jupyter Notebook
Enhanced version of dd for forensics and security
-
Updated
Aug 17, 2021 - C
Improve this page
Add a description, image, and links to the forensic-analysis topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the forensic-analysis topic, visit your repo's landing page and select "manage topics."
The project works with 8 modules < reference source/Module >