digital-forensics

There are 81 repositories under digital-forensics topic.

• cugu / awesome-forensics

  A curated list of awesome forensic analysis tools and resources

  computer-forensicsdfirdigital-forensicsforensic-analysisfreeopen-source
  3875
• TheHive

  TheHive-Project / TheHive

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  mispsecurity-incidentsanalyzeriocsthehivedigital-forensicsincident-responserestapiscalainvestigationsdfirfreeopen-sourceplatformcortexagplv3orchestrationincident-managementincident-response-tooling
  Language:Scala 3370
• velociraptor

  Velocidex / velociraptor

  Digging Deeper....

  digital-forensicsendpoint-discoveryendpoint-protectionendpoint-securityforensics-investigationsincident-responseinventory-management
  Language:Go 2881

• simsong / tcpflow

  TCP/IP packet demultiplexer. Download from:

  digital-forensicsforensicstcp-protocoltcpip
  Language:C++ 1677
• MemLabs

  stuxnet999 / MemLabs

  Educational, CTF-styled labs for individuals interested in Memory Forensics

  ctfctf-challengescybersecuritydfirdigital-forensicsforensicsmemory-forensicssecuritywindows
  Language:Shell 1628
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  alertingcyber-securitydetection-engineeringdfirdigital-forensicsdigitalforensicreadinessdigitalforensicsforensic-analysisforensicsforensics-investigationsforensics-toolsintrusion-detectionmitre-attacknetwork-securityoffensive-securityosintport-scanningsecuritysiemthreat-intelligence
  Language:Python 1598
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  responsedfiranalysisanalyzerthehiveenginescalapythonrestapisecurity-incidentsdigital-forensicsiocsobservablefreefree-softwareopen-sourceincident-responsecyber-threat-intelligencecortex
  Language:Scala 1318
• beagle

  yampelo / beagle

  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

  dfirdigital-forensicsforensic-analysisgraphincident-responsesecuritythreat-hunting
  Language:Python 1269
• ThePhish

  emalderson / ThePhish

  ThePhish: an automated phishing email analysis tool

  emaildetectionmalwarephishingcybersecuritymispthehivethehive4thehive4pyindicators-of-compromisecyberdefensephishing-detectionpythonincident-responsefreedigital-forensicsthreat-intelligencewebappattackscript
  Language:Python 1120

• rezaduty / cybersecurity-career-path

  Cybersecurity Career Path

  cyber-threat-analystcybersecurity-career-pathdigital-forensicspentestingroadmap
  1089

• dfir-iris / iris-web

  Collaborative Incident Response platform

  csirt-toolingdigital-forensicsdigital-forensics-incident-responseforensicforensic-analysisforensic-toolsincident-responsepython
  Language:JavaScript 1034
• ForensicsTools

  mesquidar / ForensicsTools

  A list of free and open forensics analysis tools and other resources

  awesome-listcomputer-foredigital-forensicsforensic-analysisforensic-toolsforensicsforensics-investigationsfreeimage-analysislinuxmacosmetadametadatanetworkopen-sourcetimelinetoolswindows
  1015

• sepinf-inc / IPED

  IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

  digital-forensicsforensicrecovery
  Language:Java 943
• whatfiles

  spieglt / whatfiles

  Log what files are accessed by any Linux process

  digital-forensicsfilesystem-eventslinux-utilities
  Language:C 939
• AzureHunter

  darkquasar / AzureHunter

  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

  azforensicsazureazure-forensicsazuresearchercloud-forensicscybersecuritydfirdigital-forensicsincident-responsepowershellv5threat-huntingthreathuntingunifiedauditlog
  Language:PowerShell 769
• Kuiper

  DFIRKuiper / Kuiper

  Digital Forensics Investigation Platform

  artifactsdfirdigital-forensicsincident-responseparsersecurity
  Language:JavaScript 758

• AvillaDaniel / AvillaForensics

  Avilla Forensics 3.0

  adbadb-commandsandroidapktooldevicesdigital-forensicsdowngradedowngrade-attackextratorforensic-analysisforensicsforensics-toolsinstagramiosmobilemobile-forensicssignaltelegramwhatsappwhatsapp-parser
  Language:C# 685

• ashemery / LinuxForensics

  Everything related to Linux Forensics

  dfirdigital-forensicsforensicsinvestigationslinux
  Language:Shell 672

• evild3ad / MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  dfirdigital-forensicsincident-responselive-responsememory-forensicsmemprocfspowershell
  Language:PowerShell 485

• dfirtrack / dfirtrack

  DFIRTrack - The Incident Response Tracking Application

  dfirdigital-forensicsincident-managementincident-responseincident-response-tooling
  Language:Python 479

• ivbeg / awesome-forensicstools

  Awesome list of digital forensic tools

  awesomeawesome-listforensicsforensic-analysisdigital-forensicsmetadatainvestigative-journalism
  477
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  analyzercortexcyber-threat-intelligencedfirdigital-forensicsenrichmentfreefree-softwareincident-responseiocjsonobservableopen-sourcepythonthehive
  Language:Python 430
• TheHiveDocs

  TheHive-Project / TheHiveDocs

  Documentation of TheHive

  mispsecurity-incidentsiocsthehivecortexadministration-guideanalyzerrestapiincident-responsedigital-forensicsanalystdfirfreefree-softwaredocumentationopen-sourceplatformthehive-project
  391
• Linux-Incident-Response

  vm32 / Linux-Incident-Response

  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

  digital-forensicsdigital-forensics-incident-responseincident-responseirlinux
  Language:Shell 356

• cyb3rmik3 / MDE-DFIR-Resources

  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

  curated-collectionscurated-listdfirdigital-forensicsdigital-forensics-incident-responseincident-responsekqlkustokusto-querykusto-query-languagelive-responsemdemicrosoftmicrosoft-defender-for-endpointresources
  348
• catalyst

  SecurityBrewery / catalyst

  Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

  dfirdigital-forensicsincident-responsesoar
  Language:Vue 323

• digitalisx / awesome-memory-forensics

  A curated list of awesome Memory Forensics for DFIR

  awesomeawesome-listdigital-forensicsdigital-forensics-incident-responseforensicsincident-responsemalwaremalware-analysismalware-researchmemorymemory-analysis
  319
• horus

  6abd / horus

  An OSINT / digital forensics tool built in Python

  apicryptocryptocurrencycybersecuritydecryptiondigital-forensicsencryptionforensicshacktoberfestinvestigationinvestigationslocationosintpythonrequestssecuritysecurity-toolssteganographytooltools
  Language:Python 316
• dfir-toolkit

  dfir-dd / dfir-toolkit

  CLI tools for forensic investigation of Windows artifacts

  clidfirdigital-forensicsdigital-forensics-incident-responseforensic-analysisforensicsforensics-toolsrustrust-lang
  Language:Rust 300

• RealityNet / kobackupdec

  Huawei backup decryptor

  python3huaweiandroiddecryptiondigital-forensics
  Language:Python 290

• MK-Ware / Forensic-Tools

  A collection of tools for forensic analysis

  forensic-analysispythoncookieextract-metadataparseexif-extractormetadatametadata-extractionforensicsexif-data-extractionexif-metadataexifwhatsappfirefoxchromeskypefacebookfacebook-messengerhtml-tabledigital-forensics
  Language:Python 273

• forensicanalysis / artifactcollector

  🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

  dfirdigital-forensicsforensicartifacts
  Language:Go 264
• windows-forensic-artifacts

  Psmths / windows-forensic-artifacts

  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

  analysisartifactsdfirdigital-forensicsforensic-analysisforensicartifactsforensicsforensics-investigationsreferencewindowswindows-11
  249

• evild3ad / Collect-MemoryDump

  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

  dfirdigital-forensicsincident-responselive-responsememory-acquisitionmemory-forensicspowershell
  Language:PowerShell 216

• TheHive-Project / TheHive4py

  Python API Client for TheHive

  thehiveincident-responsedigital-forensicsfree-softwareopen-sourcedfirfreeapi-clientapipython
  Language:Python 213
• c-aff4

  Velocidex / c-aff4

  An AFF4 C++ implementation.

  forensicscompression-librarycompression-formatsdigital-forensics
  Language:C++ 187