Trending repositories for topic forensics

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

UNIX-like reverse engineering framework and command-line toolset

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

Volatility 3.0 development

Documentation and scripts to properly enable Windows event logs.

Free hands-on digital forensics labs for students and faculty

Process-aware, eBPF-based tcpdump

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Security Apps for Android

A list of free and open forensics analysis tools and other resources

Expose USB activity on the fly

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Educational, CTF-styled labs for individuals interested in Memory Forensics

Rapidly Search and Hunt through Windows Forensic Artefacts

Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations

Process-aware, eBPF-based tcpdump

Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations

My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

Documentation and scripts to properly enable Windows event logs.

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

PowerShell module for Office 365 and Azure log collection

Volatility 3.0 development

androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.

Free hands-on digital forensics labs for students and faculty

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...

Collection of forensic tools

Security Apps for Android

Timeline of Active Directory changes with replication metadata

A list of free and open forensics analysis tools and other resources

Expose USB activity on the fly

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Avilla Forensics 3.0

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...

UNIX-like reverse engineering framework and command-line toolset

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Process-aware, eBPF-based tcpdump

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Volatility 3.0 development

Free hands-on digital forensics labs for students and faculty

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...

Rapidly Search and Hunt through Windows Forensic Artefacts

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Documentation and scripts to properly enable Windows event logs.

Awesome hacking is an awesome collection of hacking tools.

Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Avilla Forensics 3.0

Security Apps for Android

Process-aware, eBPF-based tcpdump

Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed

My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...

Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Documentation and scripts to properly enable Windows event logs.

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening

androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.

A curated list of awesome Memory Forensics for DFIR

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

CLI utility and Python module for analyzing log files and other data.

Timeline of Active Directory changes with replication metadata

Avilla Forensics 3.0

Free hands-on digital forensics labs for students and faculty

Python 3 Script to parse out iTunes backups

SIEM Tactics, Techiques, and Procedures

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...

Process-aware, eBPF-based tcpdump

UNIX-like reverse engineering framework and command-line toolset

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...

Volatility 3.0 development

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

Expose USB activity on the fly

Free hands-on digital forensics labs for students and faculty

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Documentation and scripts to properly enable Windows event logs.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...

Rapidly Search and Hunt through Windows Forensic Artefacts

Official Black Hat Arsenal Security Tools Repository

Awesome hacking is an awesome collection of hacking tools.

Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed

Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...

List of tools and commands that may be helpful in CTFs

My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

Documentation and scripts to properly enable Windows event logs.

A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you come from where did you go) in Security Incidents and Threat Hunts

A Tool For Absolute Beginners On Kali Linux. An Interactive Script That'll Guide You Through Attacks.

Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

Windows Forensics Environment Builder

Expose USB activity on the fly

Helm charts for running open source digital forensic tools in Kubernetes

Tools OSINT MOBILE

A curated list of awesome Memory Forensics for DFIR

Collection of forensic tools

CLI tools for forensic investigation of Windows artifacts

An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...

A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you come from where did you go) in Security Incidents and Threat Hunts

Process-aware, eBPF-based tcpdump

A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.

Digital Forensics and Incident Response (DFIR)

Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos ...

DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based on research that has been performed by mounting different scenar...

Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations

Powershell script to help Speed ​​up Threat hunting incident response processes

This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365 Unified Audit Log.

Odynova Digital Tiger was created to speed up OSINT tasks and make OSINT more efficient and is currently being developed

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

UNIX-like reverse engineering framework and command-line toolset

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. ...

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Expose USB activity on the fly

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Volatility 3.0 development

Free hands-on digital forensics labs for students and faculty

Rapidly Search and Hunt through Windows Forensic Artefacts

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Interactively find and recover deleted or :point_right: overwritten :point_left: files from your terminal

Awesome hacking is an awesome collection of hacking tools.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Free Security and Hacking eBooks

Official Black Hat Arsenal Security Tools Repository

Collection of forensic tools

A list of free and open forensics analysis tools and other resources

Expose USB activity on the fly

This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos ...

Collection of forensic tools

Network Forensics CLI utility that performs Network Scanning, OSINT, and Attack Detection

Deauthalyzer is a script designed to monitor WiFi networks and detect deauthentication attacks. It utilizes packet sniffing and analysis techniques to identify deauthentication attack packets and prov...

FIT is a Python3 application for forensic acquisition of contents like web pages, emails, social media, etc. directly from the internet.

电子数据取证Wiki

A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.

Helm charts for running open source digital forensic tools in Kubernetes

Digital Forensics and Incident Response (DFIR)

A Tool For Absolute Beginners On Kali Linux. An Interactive Script That'll Guide You Through Attacks.

Memory Forensic System on Cloud

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Search Index Database Reporter

Windows Forensics Environment Builder

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)