Repository navigation

#

forensics-investigations

Velocidex/velociraptor
Velocidex / velociraptor 

Digging Deeper....

incident-responseforensics-investigationsinventory-managementendpoint-securityendpoint-protectionendpoint-discoverydigital-forensics
Go
3204
4 小时前
mikeroyal/Digital-Forensics-Guide
mikeroyal / Digital-Forensics-Guide 

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

digitalforensicsdigitalforensicreadinessforensics安全forensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsOSINTdfir
Python
1859
1 年前
mesquidar/ForensicsTools
mesquidar / ForensicsTools 

A list of free and open forensics analysis tools and other resources

forensicsdigital-forensicsforensic-analysisforensics-investigations工具freeOpen SourceAwesome Listsmetadataimage-analysistimelineNetworkWindowsmacOSLinux
1251
5 个月前
CScorza / OSINT-FORENSICS-MOBILE 

Tools OSINT MOBILE

forensicsforensics-investigationsmessengerOSINTosint-resourcesosint-toolsmartphone
572
4 个月前
Johnng007 / Live-Forensicator 

A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)

incident-responseforensicsforensics-investigationslog4jPowerShellBashmacOSLinuxlinux-shell
JavaScript
568
7 个月前
Psmths / windows-forensic-artifacts 

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

forensicsartifactsdfirWindowsanalysisreferencedigital-forensicsforensic-analysisforensics-investigations
338
8 个月前
redaelli / imago-forensics 

Imago is a python tool that extract digital evidences from images.

forensics-investigationsdfirimage-analysisPythonincident-response
Python
256
3 年前
Viralmaniar / Remote-Desktop-Caching- 

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

blueteamredteamHackinginternal-pentestpenetration-testingredteamingforensicsforensics-investigationsforensic-analysisinfrastructure-monitoringblue-teamhacking-toolspurpleteam
Python
215
7 年前
CScorza / Analisi-Digital-Forense 

Strumenti di Acquisizione e Analisi di copie Forensi

best-practicesdigitalforensic-analysisforensicsforensics-investigationsforensics-toolsLinuxmacOS工具Windows
146
1 年前
digitalsleuth / WIN-FOR 

Windows Forensics Environment Builder

forensicsforensics-investigationsforensics-toolsWindows
C#
132
3 个月前
hashlookup / hashlookup-forensic-analyser 

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

dfirdfir-automationforensic-analysisforensics-investigationshashlookupbloom-filter
Python
126
2 年前
x4nth055 / ethical-hacking-tools-python 

Python programs & tools built in the Ethical Hacking with Python EBook

email-extractorethical-hackingethical-hacking-toolsforensics-investigationsinformation-gatheringmalware-developmentpassword-crackernetwork-securityScapy
Python
110
9 个月前
resurrecting-open-source-projects / dcfldd 

Enhanced version of dd for forensics and security

forensicsforensic-analysisforensics-investigations
C
101
4 个月前
joeavanzato / RetrievIR 

PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.

dfirevidenceforensicsforensics-investigationsforensics-toolsincident-responseincident-response-toolingPowerShell
PowerShell
101
8 个月前
nshadov / screensaver-mouse-jiggler 

Hardware arduino based mouse emulator, preventing screen saver locking (eg. during forensic investigation)

安全forensicsforensics-investigationsscreensaver
C++
91
7 年前
PacktPublishing / Digital-Forensics-with-Kali-Linux 

Digital Forensics with Kali Linux, published by Packt

kali-linuxkali-scriptsdigital-forensicsforensicsmobile-securityHackingbrute-force-attacksinvestigationforensics-investigationspenetration-testingpentestingpentest-tool
89
2 年前
emrekybs / MrHandler 

Linux Incident Response Reporting

cyber-securityforensics-investigationsforensics-toolsincident-managementincident-responseincident-response-toolingLinuxPython
HTML
84
1 年前
AdamWhiteHat / Judge-Jury-and-Executable 

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

安全threat-huntingantivirusscannerquery-languageC#forensicsforensic-analysisforensics-investigationsyarayara-scanneryara-rules
C#
81
1 年前
bitranox / fingerprint 

Monitoring Registry and File Changes in Windows

PythonWindowsregistryregistry-hackshacking-toolhacking-toolsHackingforensicsforensicforensics-investigationsforensic-analysisprocmon
Python
71
9 个月前
MrMugiwara / FTK-imager-OSX 

FTK Imager a Forensics Tools For MAC OS X

forensics-investigationsmacOSdigital-forensics
68
7 年前