Repository navigation
computer-forensics
- Website
- Wikipedia
⭐️ A curated list of awesome forensic analysis tools and resources
❄ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
The best tools and resources for forensic analysis.
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
This will compile a list of Android, iOS, Linux malware techniques for attacking and detection purposes.
A Volatility plugin for finding sqlite database rows
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
An updated C# port of X-Ways X-Tensions API.
LiveDiff is a portable system-level differencing tool for Microsoft Windows-based operating systems
Extract valid or partially valid domain names and IPs from malicious or invalid URLs.
Access Expert Witness Format (ewf/E01/L01) files using Golang
Docker images of open source forensic tools
The forensic analysis write-up / walkthrough for forensic disk image.
A python-based tool to extract forensic info from ActivitiesCache.db (Windows Activity Timeline)
CFREDS case study for subject code: CTMTCS S2 P2
Dump a process memory and extract data based on regular expressions.
CTF Suite is a collection of tools you can use during Capture The Flag competitions. These tools are aimed at specific categories of problems and are specific to Jeopardy-style CTFs.