digital-forensics

There are 72 repositories under digital-forensics topic.

• cugu / awesome-forensics

  A curated list of awesome forensic analysis tools and resources

  computer-forensicsdfirdigital-forensicsforensic-analysisfreeopen-source
  3594
• TheHive

  TheHive-Project / TheHive

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  mispsecurity-incidentsanalyzeriocsthehivedigital-forensicsincident-responserestapiscalainvestigationsdfirfreeopen-sourceplatformcortexagplv3orchestrationincident-managementincident-response-tooling
  Language:Scala 3227
• velociraptor

  Velocidex / velociraptor

  Digging Deeper....

  incident-responseforensics-investigationsinventory-managementendpoint-securityendpoint-protectionendpoint-discoverydigital-forensics
  Language:Go 2678

• simsong / tcpflow

  TCP/IP packet demultiplexer. Download from:

  digital-forensicsforensicstcp-protocoltcpip
  Language:C++ 1645
• MemLabs

  stuxnet999 / MemLabs

  Educational, CTF-styled labs for individuals interested in Memory Forensics

  ctfctf-challengescybersecuritydfirdigital-forensicsforensicsmemory-forensicssecuritywindows
  Language:Shell 1556
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  digitalforensicsdigitalforensicreadinessforensicssecurityforensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsosintdfir
  Language:Python 1358
• beagle

  yampelo / beagle

  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

  dfirdigital-forensicsforensic-analysisgraphincident-responsesecuritythreat-hunting
  Language:Python 1259
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  responsedfiranalysisanalyzerthehiveenginescalapythonrestapisecurity-incidentsdigital-forensicsiocsobservablefreefree-softwareopen-sourceincident-responsecyber-threat-intelligencecortex
  Language:Scala 1252
• ThePhish

  emalderson / ThePhish

  ThePhish: an automated phishing email analysis tool

  emaildetectionmalwarephishingcybersecuritymispthehivethehive4thehive4pyindicators-of-compromisecyberdefensephishing-detectionpythonincident-responsefreedigital-forensicsthreat-intelligencewebappattackscript
  Language:Python 1046

• dfir-iris / iris-web

  Collaborative Incident Response platform

  forensicincident-responsecsirt-toolingpythondigital-forensicsdigital-forensics-incident-responseforensic-analysisforensic-tools
  Language:JavaScript 940
• whatfiles

  spieglt / whatfiles

  Log what files are accessed by any Linux process

  digital-forensicsfilesystem-eventslinux-utilities
  Language:C 936

• rezaduty / cybersecurity-career-path

  Cybersecurity Career Path

  cyber-threat-analystcybersecurity-career-pathdigital-forensicspentestingroadmap
  927
• ForensicsTools

  mesquidar / ForensicsTools

  A list of free and open forensics analysis tools and other resources

  forensicsdigital-forensicscomputer-foreforensic-analysisforensics-investigationsforensic-toolstoolsfreeopen-sourceawesome-listmetadametadataimage-analysistimelinenetworkwindowsmacoslinux
  894

• sepinf-inc / IPED

  IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

  forensicrecoverydigital-forensics
  Language:Java 844
• AzureHunter

  darkquasar / AzureHunter

  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

  azforensicsazureazure-forensicsazuresearchercloud-forensicscybersecuritydfirdigital-forensicsincident-responsepowershellv5threat-huntingthreathuntingunifiedauditlog
  Language:PowerShell 764
• Kuiper

  DFIRKuiper / Kuiper

  Digital Forensics Investigation Platform

  dfirsecurityincident-responseartifactsparserdigital-forensics
  Language:JavaScript 720

• ashemery / LinuxForensics

  Everything related to Linux Forensics

  dfirdigital-forensicsforensicsinvestigationslinux
  Language:Shell 663

• AvillaDaniel / AvillaForensics

  Avilla Forensics 3.0

  mobileforensicswhatsapptelegramsignaladbandroidadb-commandsiosapktoolforensics-toolsdowngradedowngrade-attackforensic-analysisdevicesinstagramextratormobile-forensicsdigital-forensicswhatsapp-parser
  Language:C# 610

• dfirtrack / dfirtrack

  DFIRTrack - The Incident Response Tracking Application

  dfirdigital-forensicsincident-managementincident-responseincident-response-tooling
  Language:Python 464

• ivbeg / awesome-forensicstools

  Awesome list of digital forensic tools

  awesomeawesome-listdigital-forensicsforensic-analysisforensicsinvestigative-journalismmetadata
  450
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  thehiveanalyzercortexfreefree-softwareopen-sourceobservableiocjsonincident-responsedigital-forensicsdfircyber-threat-intelligencepythonenrichment
  Language:Python 415

• evild3ad / MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  dfirdigital-forensicsincident-responselive-responsememory-forensicsmemprocfspowershell
  Language:PowerShell 403
• TheHiveDocs

  TheHive-Project / TheHiveDocs

  Documentation of TheHive

  mispsecurity-incidentsiocsthehivecortexadministration-guideanalyzerrestapiincident-responsedigital-forensicsanalystdfirfreefree-softwaredocumentationopen-sourceplatformthehive-project
  390
• Linux-Incident-Response

  vm32 / Linux-Incident-Response

  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

  digital-forensicsdigital-forensics-incident-responseincident-responseirlinux
  Language:Shell 307

• cyb3rmik3 / MDE-DFIR-Resources

  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

  curated-collectionscurated-listdfirdigital-forensicsdigital-forensics-incident-responseincident-responsekqlkustokusto-querykusto-query-languagelive-responsemdemicrosoftmicrosoft-defender-for-endpointresources
  288

• RealityNet / kobackupdec

  Huawei backup decryptor

  androiddecryptiondigital-forensicshuaweipython3
  Language:Python 280
• catalyst

  SecurityBrewery / catalyst

  Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes

  soarincident-responsedigital-forensicsdfir
  Language:Go 271

• MK-Ware / Forensic-Tools

  A collection of tools for forensic analysis

  forensic-analysispythoncookieextract-metadataparseexif-extractormetadatametadata-extractionforensicsexif-data-extractionexif-metadataexifwhatsappfirefoxchromeskypefacebookfacebook-messengerhtml-tabledigital-forensics
  Language:Python 269

• digitalisx / awesome-memory-forensics

  A curated list of awesome Memory Forensics for DFIR

  awesomeawesome-listdigital-forensicsdigital-forensics-incident-responseforensicsincident-responsemalwaremalware-analysismalware-researchmemorymemory-analysis
  254
• dfir-toolkit

  dfir-dd / dfir-toolkit

  CLI tools for forensic investigation of Windows artifacts

  clidfirdigital-forensicsdigital-forensics-incident-responseforensic-analysisforensicsforensics-toolsrustrust-lang
  Language:Rust 238

• forensicanalysis / artifactcollector

  🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

  dfirdigital-forensicsforensicartifacts
  Language:Go 238

• evild3ad / Collect-MemoryDump

  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

  powershelldfirdigital-forensicsincident-responselive-responsememory-acquisitionmemory-forensics
  Language:PowerShell 211

• TheHive-Project / TheHive4py

  Python API Client for TheHive

  thehiveincident-responsedigital-forensicsfree-softwareopen-sourcedfirfreeapi-clientapipython
  Language:Python 208
• windows-forensic-artifacts

  Psmths / windows-forensic-artifacts

  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

  analysisartifactsdfirdigital-forensicsforensic-analysisforensicartifactsforensicsforensics-investigationsreferencewindowswindows-11
  194
• horus

  6abd / horus

  An OSINT / digital forensics tool built in Python (formerly 'Sentinel')

  apicryptocryptocurrencycybersecuritydecryptiondigital-forensicsencryptionforensicsinvestigationinvestigationslocationosintpythonpython3requestssecuritysecurity-toolssteganographytooltools
  Language:Python 191
• c-aff4

  Velocidex / c-aff4

  An AFF4 C++ implementation.

  compression-formatscompression-librarydigital-forensicsforensics
  Language:C++ 181