forensic

Collaborative Incident Response platform

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

Awesome list of keywords and artifacts for Threat Hunting sessions

Android Mobile Device Hardening

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

Win 10/11 related research

Forensic Face Sketch Construction and Recognition (My B.E. Final Year Project)

Awesome collection of resources 😎 Work in progress🔥

Major tools used for Digital Forensic Investigation, includes tools used for Image, Audio, Memory, Network and Disk Image data analysis. Helpful resource for CTF Challenges.

SQLite queries

A curated list of awesome malware analysis tools and resources

Monitoring Registry and File Changes in Windows

FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates timelines, and detects suspicious activities.

Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's

CIRCL system forensic tools or a jumble of tools to support forensic

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser

log Forenix 🕵️- Your Linux Forensic Artifacts Collector Tool! 🚀

Forensic framework to build tools that can be reused in multiple projects without changing anything

The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.