GitHub topics: forensic

Repositories

Am0rphous/Awesome

Awesome collection of resources 😎 Work in progress🔥

Language: Shell - Size: 106 MB - Last synced at: about 10 hours ago - Pushed at: about 12 hours ago - Stars: 134 - Forks: 31

light-hat/turinabolum

🦾 Digital Forensics on Steroids

Language: Python - Size: 995 KB - Last synced at: about 19 hours ago - Pushed at: about 21 hours ago - Stars: 14 - Forks: 2

dfir-iris/iris-web

Collaborative Incident Response platform

Language: Python - Size: 32.5 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,258 - Forks: 248

deep4sky3abyss8/Craver-Malware-proof-consept

Craver is a new name for a family of malware that consumes system resources (like fork-bombs), causing performance degradation or even system crashes. The name is taken from the Cravers from the Invasion civilizations of the game Endless Space 2.

Language: Python - Size: 279 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1 - Forks: 0

sepinf-inc/IPED

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

Language: Java - Size: 233 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1,292 - Forks: 266

cuhsat/artifacts

Test files from various sources.

Language: DIGITAL Command Language - Size: 20.5 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 1 - Forks: 0

mthcht/ThreatHunting-Keywords

Awesome list of keywords and artifacts for Threat Hunting sessions

Language: PowerShell - Size: 216 MB - Last synced at: 9 days ago - Pushed at: about 1 month ago - Stars: 599 - Forks: 74

cuhsat/ffind

Find forensic artifacts in mount points or the live system.

Language: Go - Size: 14.6 KB - Last synced at: 16 days ago - Pushed at: 18 days ago - Stars: 1 - Forks: 0

cuhsat/flog

Log forensic artifacts as JSON in ECS format.

Language: Go - Size: 578 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 1 - Forks: 0

cuhsat/fmount

Mount various disk images for forensic read-only processing.

Language: Go - Size: 119 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 1 - Forks: 0

cuhsat/fact

A shell pipeline for extracting forensic artifacts from disk images in ECS format.

Size: 931 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 1 - Forks: 1

mnrkbys/fjta

FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), generates timelines, and detects suspicious activities.

Language: Python - Size: 415 KB - Last synced at: 19 days ago - Pushed at: 20 days ago - Stars: 79 - Forks: 7

securityjoes/Crowdstrike-Deploy

The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.

Language: Shell - Size: 198 KB - Last synced at: 25 days ago - Pushed at: 26 days ago - Stars: 24 - Forks: 0

etvr/FOtools

a collection of tools for blender to assist in forensic visualisation

Language: Python - Size: 107 MB - Last synced at: 30 days ago - Pushed at: 30 days ago - Stars: 0 - Forks: 0

ForensicRS/forensic-rs

Forensic framework to build tools that can be reused in multiple projects without changing anything

Language: Rust - Size: 105 KB - Last synced at: 24 days ago - Pushed at: 6 months ago - Stars: 28 - Forks: 2

rtulke/chronika

Chronika is a forensic analysis tool for reading and visualizing different browser histories in a chronological timeline format. Supports Chrome, Firefox, Safari, Brave, Opera, Edge, Vivaldi, Tor Browser, Chromium, LibreWolf and all browsers on Linux and macOS.

Language: Python - Size: 39.1 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

A-YATTA/AMDH

Android Mobile Device Hardening

Language: Python - Size: 376 MB - Last synced at: 5 days ago - Pushed at: over 2 years ago - Stars: 210 - Forks: 27

gustavoparedes/QuickLog

Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersecuritynews.com/windows-event-log-analysis/, to quickly highlight key forensic artifacts.

Language: C# - Size: 707 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 6 - Forks: 3

Vadym-Skok/collaborative-platform

Build a real-time collaborative platform using Next.js, TypeScript, and Supabase. Enhance teamwork with seamless features. 🌟💻

Language: HTML - Size: 21.5 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

pTheDevoted/Trithes

CLI forensic tool for steganography.

Language: Python - Size: 251 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 6 - Forks: 0

LeKlex/Attack-simulation-infrastructure

A small and simple network infrastructure with automated attacks on a VM server documented by tshark

Language: Shell - Size: 101 KB - Last synced at: about 2 months ago - Pushed at: about 5 years ago - Stars: 5 - Forks: 1

markusthilo/Wiper

Windows GUI tool to securely wipe drives with option to treat SSDs gently.

Language: Python - Size: 215 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

markusthilo/ipgrep

GREP for PCAP files

Language: C - Size: 27.3 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

lmolinario/Thesis

This repository was created for the thesis of the Master's degree course in Computer Engineering, Cybersecurity and Artificial Intelligence

Language: Python - Size: 776 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

alicangnll/pyshadow

PyShadow — Python ShadowCopy Analyzer for Forensic and Data Rescue

Language: Python - Size: 279 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 5 - Forks: 1

kacos2000/Queries

SQLite queries

Language: PowerShell - Size: 596 KB - Last synced at: 27 days ago - Pushed at: over 2 years ago - Stars: 82 - Forks: 11

nannib/audiodf

This program can detect if an audio message is a Deep Fake or it is genuine

Language: Python - Size: 61.5 KB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 3 - Forks: 0

guillaC/SQLiteDiskExplorer

SQLiteDiskExplorer enables you to explore, catalog, and batch extract SQLite files from disks and removable media.

Language: C# - Size: 400 KB - Last synced at: 8 days ago - Pushed at: about 1 year ago - Stars: 17 - Forks: 0

kacos2000/WindowsTimeline

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

Language: PowerShell - Size: 42.5 MB - Last synced at: 17 days ago - Pushed at: over 2 years ago - Stars: 189 - Forks: 21

karthik997/Forensic_Toolkit

Major tools used for Digital Forensic Investigation, includes tools used for Image, Audio, Memory, Network and Disk Image data analysis. Helpful resource for CTF Challenges.

Size: 431 KB - Last synced at: 3 months ago - Pushed at: almost 5 years ago - Stars: 82 - Forks: 19

solywsh/go-forensic

A forensic tool🔧for mobile phone

Language: Go - Size: 1.48 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

kacos2000/OtherStuff

Various Topics

Language: PowerShell - Size: 39.2 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 15 - Forks: 5

gharib-uk/onions

A onion personal blog, a mirror maybe ;)

Language: HTML - Size: 1.39 MB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 1 - Forks: 0

Lockelamoree/NiNa

NiNa is Small UI with a RAG Agent to interact with your LLM locally

Language: Python - Size: 61.5 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 2 - Forks: 0

patatetom/fuseconcat

concatenate multiple files into a single logical file

Language: Python - Size: 19.5 KB - Last synced at: about 1 month ago - Pushed at: about 7 years ago - Stars: 2 - Forks: 0

kacos2000/Win10

Win 10/11 related research

Language: PowerShell - Size: 37.1 MB - Last synced at: 5 months ago - Pushed at: over 1 year ago - Stars: 184 - Forks: 32

franckferman/LastLog-Audit

A Python tool to analyze and export login activity from /var/log/lastlog for security.

Language: Python - Size: 40 KB - Last synced at: 5 months ago - Pushed at: 6 months ago - Stars: 5 - Forks: 0

DecryptaTechnologies/GovTools

GovTools is an innovative open-source toolkit for Windows, designed to streamline the extraction of password hashes from a variety of targets.

Language: C# - Size: 669 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 5 - Forks: 1

kacos2000/Prefetch-Browser

Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's

Language: PowerShell - Size: 943 KB - Last synced at: 4 months ago - Pushed at: 9 months ago - Stars: 61 - Forks: 5

txuswashere/Digital-Forensics

Digital Forensics Essentials (DFE)

Size: 92.8 KB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 1

jnbdz/forensic-imaging-quickstarts

Forensic Imaging quickstarts!

Size: 59.5 MB - Last synced at: 3 months ago - Pushed at: about 3 years ago - Stars: 14 - Forks: 4

nihatxp/Forensic-File-Analyzer

Fotoğrafın daha önce kırpıldığına, döndürüldüğüne, hash değerlerine ve benzeri onlarca meta veriye erişin.

Language: PHP - Size: 825 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

sp34rh34d/CTF-writeups

Language: Python - Size: 94 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 3 - Forks: 1

kacos2000/Jumplist-Browser

Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser

Language: PowerShell - Size: 13.3 MB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 32 - Forks: 2

bitranox/fingerprint

Monitoring Registry and File Changes in Windows

Language: Python - Size: 5.61 MB - Last synced at: 5 months ago - Pushed at: about 1 year ago - Stars: 71 - Forks: 11

mauricelambert/EntropyAnalysis

This package analyzes file entropy (shannon entropy) for forensic and malware analysis.

Language: Python - Size: 521 KB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 1

MrX0955/PySecurity

📌 Open-Source PySecurity OSINT Tool

Language: Python - Size: 74.2 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 4 - Forks: 6

arhaxor21/Flagy

This a Complete tool contained box for Capture The Flag competition. Mostly I have inserted all the necessary tools. Some of the people have some trouble installing tools for the beginning stages.

Language: Shell - Size: 30.3 KB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 12 - Forks: 3

apehex/driven-moodule

Front end for the industrious module

Language: Python - Size: 30 MB - Last synced at: 6 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

MrOctopus/pyWhatsUpp

A forensic tool to automatically extract as many artifacts as possible from the WhatsApp desktop/web client

Language: Python - Size: 123 KB - Last synced at: 6 months ago - Pushed at: over 3 years ago - Stars: 17 - Forks: 2

j0rd1s3rr4n0/ForenseTech-Challenges

La informática forense: Desafíos para poner a prueba tus habilidades en la resolución de delitos cibernéticos. ¡Sumérgete en escenarios reales y perfecciona tus habilidades!

Size: 152 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 5 - Forks: 2

hanasuru/TrashParse

Simply tool for analyzing Windows Recycle.Bin files

Language: Python - Size: 17.6 KB - Last synced at: 16 days ago - Pushed at: about 4 years ago - Stars: 9 - Forks: 0

raja045/ImageForensicsUsingMetaData

A project leveraging metadata extraction, machine learning, and visualization tools to automate and enhance image forensics for criminal investigations.

Language: Jupyter Notebook - Size: 4.12 MB - Last synced at: about 2 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

mauricelambert/QueryCombinedLogFormat

This tool extracts, filters and parses combined log format (apache and nginx default access.log format) with a easy and fast language syntax.

Language: Python - Size: 75.2 KB - Last synced at: 4 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

ScreenShareITA/SSITA-Executables

tools made in golang

Language: Go - Size: 6.15 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

ditekshen/ansible-asa-forensic-investigation-procedures-first-responders

Ansible Playbook for Cisco ASA Forensic Investigation Procedures for First Responders

Size: 26.4 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

glowbase/nix_dfir

Perform post-mortem Linux baselining and forensic analysis.

Language: Shell - Size: 120 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 3 - Forks: 5

patatetom/rds4xways

Extract SHA1 from Reference Data Set (RDS) provided by the National Software Reference Library (NSRL) for X-Ways Forensics (or any other tool that uses SHA1).

Language: Shell - Size: 62.9 MB - Last synced at: 2 months ago - Pushed at: 11 months ago - Stars: 6 - Forks: 0

HellGateCorp/DOCxNGINxFX

Deep File Forensic. Create or manipulate Wordlists out of Text Documents (ex: for BruteForcing). Save it Line by Line as a Binary .BIN File or as a usually Text File. 👁🌪🛠

Language: Java - Size: 1.68 MB - Last synced at: 3 months ago - Pushed at: about 3 years ago - Stars: 8 - Forks: 3

CIRCL/forensic-tools

CIRCL system forensic tools or a jumble of tools to support forensic

Language: Python - Size: 18.6 KB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 42 - Forks: 6

naemazam/logForenix

log Forenix 🕵️- Your Linux Forensic Artifacts Collector Tool! 🚀

Language: Shell - Size: 941 KB - Last synced at: 5 months ago - Pushed at: about 1 year ago - Stars: 31 - Forks: 1

Prvvv/ChromeForensics

Different code samples for Chrome browser analysis & post exploitation

Language: Python - Size: 9.77 KB - Last synced at: 6 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

franckferman/DataDetective

Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.

Language: Python - Size: 675 KB - Last synced at: 7 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

little-brother/sqlite-unhide

Recovery deleted rows from SQLite3 databases

Language: Batchfile - Size: 49.8 KB - Last synced at: 5 months ago - Pushed at: almost 4 years ago - Stars: 6 - Forks: 0

dis70rt/pearlCTF-WriteUps

These are my WriteUps of pearlCTF'24 hosted by CyberLabs of IIT (ISM), Dhanbad

Size: 3.91 KB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

JStuborn/andriller Fork of den4uk/andriller

📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

Size: 1.32 MB - Last synced at: 12 months ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0

aishee/andump

Tools dump memory for android.

Language: Python - Size: 3.91 KB - Last synced at: 4 months ago - Pushed at: about 8 years ago - Stars: 1 - Forks: 3

LazyAlpaka/ifrit

Incident Forensic Response In Terminal script for linux

Language: Shell - Size: 175 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 6 - Forks: 4

dfir-iris/iris-evtx-module

Example of IRIS module, handling EVTX files

Language: Python - Size: 28.3 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 8 - Forks: 2

TracyCuiq/DCNN_NI_CG_Forensic

Convert the original Caffe version to Pytorch version

Language: Python - Size: 14.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

kawaiipantsu/project-tinfoilhat

Project TinFoilHat - My USB Armory from Inverse Path set up for pen-testing and forensic work

Size: 1000 Bytes - Last synced at: over 1 year ago - Pushed at: over 7 years ago - Stars: 0 - Forks: 0

LukasMarckmiller/RemoteForensicAppliance 📦

Bachelorarbeit Informatik 2019 - To be done

Language: Go - Size: 820 KB - Last synced at: about 1 year ago - Pushed at: almost 6 years ago - Stars: 0 - Forks: 0

patatetom/xtaf

Xbox 360 file system

Language: Python - Size: 64.5 KB - Last synced at: 5 months ago - Pushed at: over 7 years ago - Stars: 5 - Forks: 1

alicangnll/pymem

PyMem - Memory Acquisition Tool

Language: Python - Size: 408 KB - Last synced at: about 1 year ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

komosny/IP-country-forensic-evidence

Country location evidence from IP address

Language: Jupyter Notebook - Size: 2.73 GB - Last synced at: 6 months ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

rusq/jpegrip

JPEG the Ripper: extract JPEG files from unstructured data stream

Language: C - Size: 251 KB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0

AkashKV-1998/Keypoint-Based-Detection-and-Region-Growing-Based-Localization-of-Copy-Move-Forgery-in-Digital-Image

The repository contains analysis and results of different copy-move forgery detection techniques.

Language: Jupyter Notebook - Size: 63.1 MB - Last synced at: over 1 year ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0

kawaiipantsu/maltego-darknet-transforms

Maltego DarkNET Transforms - These are all PHP local transforms that i am trying to maintain and deploy in a easy way! The name may lead to think it's all about the darknet but this is not all true i made all sorts of transforms.

Language: PHP - Size: 38.1 KB - Last synced at: over 1 year ago - Pushed at: almost 7 years ago - Stars: 16 - Forks: 3

SatyenderYadav/registryfinder

It helps you to find the details about registry keys in just seconds

Language: SCSS - Size: 1.36 MB - Last synced at: over 1 year ago - Pushed at: about 4 years ago - Stars: 0 - Forks: 0

moul/cryptoguess

Automatically detect and parse cryptography keys

Language: Go - Size: 85 KB - Last synced at: 23 days ago - Pushed at: 24 days ago - Stars: 8 - Forks: 0

masq/pnger

PNG file parser, for forensic/anti-forensic purposes primarily.

Language: Python - Size: 187 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 2

ChelCarriere/photogrammetry-anthropology-tools

These are the tools and plugins utilized in the article "Assessing the utility of 3D modeling with photogrammetry in assigned sex estimation from the greater sciatic notch"

Language: Python - Size: 99.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

khangtictoc/CTF-Writeup-Practice

All CTF Writeup from many sources will be here

Language: Python - Size: 10.4 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 7 - Forks: 3

flagbot1337/ctf-conan

CTF-Conan is a CTF Based information Gathering Repository Develop By Flag_Bot

Size: 28.3 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

Adi202001/Security-Tesseract

GitHub repository dedicated to cybersecurity study materials. In this repository, you'll find a curated collection of resources, documents, code samples, and learning materials focused on the dynamic and critical field of cybersecurity.

Size: 64.4 MB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

waldekmaciejko/repair_ADPCM_file

Function repairs ADPCM audio file which was encoded with disrupted frame

Language: Python - Size: 416 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

daniel-radesjo/rdd-copy

Fork of rdd-copy (https://sourceforge.net/projects/rdd/) developed by NFI (the Netherlands Forensic Institute) and updated to work with new version of libewf.

Language: C - Size: 5.68 MB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 0

YosfanEilay/CLSID-Ninja

This tool simplifies the process of extracting and inspecting users CLSID registry values. Easily identify potential threats and malicious activity like examining CLSID's of COM Objects for compromise or replacement by malware.

Language: PowerShell - Size: 53.7 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 0