Trending repositories for topic forensics
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
UNIX-like reverse engineering framework and command-line toolset
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
Documentation and scripts to properly enable Windows event logs.
Free hands-on digital forensics labs for students and faculty
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
A list of free and open forensics analysis tools and other resources
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Educational, CTF-styled labs for individuals interested in Memory Forensics
Rapidly Search and Hunt through Windows Forensic Artefacts
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
Documentation and scripts to properly enable Windows event logs.
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!
androidqf (Android Quick Forensics) helps quickly gather forensic evidence from Android devices, in order to identify potential traces of compromise.
Free hands-on digital forensics labs for students and faculty
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
Timeline of Active Directory changes with replication metadata
A list of free and open forensics analysis tools and other resources
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
UNIX-like reverse engineering framework and command-line toolset
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Free hands-on digital forensics labs for students and faculty
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...
Rapidly Search and Hunt through Windows Forensic Artefacts
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Documentation and scripts to properly enable Windows event logs.
Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Documentation and scripts to properly enable Windows event logs.
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening
androidqf (Android Quick Forensics) helps quickly gather forensic evidence from Android devices, in order to identify potential traces of compromise.
A curated list of awesome Memory Forensics for DFIR
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
CLI utility and Python module for analyzing log files and other data.
Timeline of Active Directory changes with replication metadata
Free hands-on digital forensics labs for students and faculty
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
UNIX-like reverse engineering framework and command-line toolset
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
Free hands-on digital forensics labs for students and faculty
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Documentation and scripts to properly enable Windows event logs.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
Rapidly Search and Hunt through Windows Forensic Artefacts
Official Black Hat Arsenal Security Tools Repository
Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed
Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...
An OSINT / digital forensics tool built in Python (formerly 'Sentinel')
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!
Documentation and scripts to properly enable Windows event logs.
A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you come from, where did you go) in Security Incidents and Threat Hunts
A Tool For Absolute Beginners On Kali Linux. An Interactive Script That'll Guide You Through Attacks.
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
A forensics tool to help aid in the investigation of spoofed emails based off the email headers.
Helm charts for running open source digital forensic tools in Kubernetes
A curated list of awesome Memory Forensics for DFIR
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you come from, where did you go) in Security Incidents and Threat Hunts
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Digital Forensics Incident Response and Detection engineering: Forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors ...
DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts. The tool has been developed based on research that has been performed by mounting different scenar...
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
PowerShell script to help speed up threat hunting incident response processes
This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365 Unified Audit Log.
Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
UNIX-like reverse engineering framework and command-line toolset
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Free hands-on digital forensics labs for students and faculty
Rapidly Search and Hunt through Windows Forensic Artefacts
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Official Black Hat Arsenal Security Tools Repository
A list of free and open forensics analysis tools and other resources
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Digital Forensics Incident Response and Detection engineering: Forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors ...
Network Forensics CLI utility that performs Network Scanning, OSINT, and Attack Detection
Deauthalyzer is a script designed to monitor WiFi networks and detect deauthentication attacks. It utilizes packet sniffing and analysis techniques to identify deauthentication attack packets and prov...
FIT is a Python3 application for forensic acquisition of contents like web pages, emails, social media, etc. directly from the internet.
A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.
Helm charts for running open source digital forensic tools in Kubernetes
A Tool For Absolute Beginners On Kali Linux. An Interactive Script That'll Guide You Through Attacks.
Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.
Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)