digital-forensics

There are 82 repositories under digital-forensics topic.

• cugu / awesome-forensics

  A curated list of awesome forensic analysis tools and resources

  computer-forensicsdfirdigital-forensicsforensic-analysisfreeopen-source
  3876
• TheHive

  TheHive-Project / TheHive

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  agplv3analyzerapicortexdfirdigital-forensicsfreeincident-managementincident-responseincident-response-toolinginvestigationsiocsmispopen-sourceorchestrationplatformrestscalasecurity-incidentsthehive
  Language:Scala 3372
• velociraptor

  Velocidex / velociraptor

  Digging Deeper....

  digital-forensicsendpoint-discoveryendpoint-protectionendpoint-securityforensics-investigationsincident-responseinventory-management
  Language:Go 2879

• simsong / tcpflow

  TCP/IP packet demultiplexer. Download from:

  digital-forensicsforensicstcp-protocoltcpip
  Language:C++ 1678
• MemLabs

  stuxnet999 / MemLabs

  Educational, CTF-styled labs for individuals interested in Memory Forensics

  ctfctf-challengescybersecuritydfirdigital-forensicsforensicsmemory-forensicssecuritywindows
  Language:Shell 1628
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  alertingcyber-securitydetection-engineeringdfirdigital-forensicsdigitalforensicreadinessdigitalforensicsforensic-analysisforensicsforensics-investigationsforensics-toolsintrusion-detectionmitre-attacknetwork-securityoffensive-securityosintport-scanningsecuritysiemthreat-intelligence
  Language:Python 1598
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  analysisanalyzerapicortexcyber-threat-intelligencedfirdigital-forensicsenginefreefree-softwareincident-responseiocsobservableopen-sourcepythonresponserestscalasecurity-incidentsthehive
  Language:Scala 1319
• beagle

  yampelo / beagle

  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

  securitydigital-forensicsincident-responsegraphdfirforensic-analysisthreat-hunting
  Language:Python 1268
• ThePhish

  emalderson / ThePhish

  ThePhish: an automated phishing email analysis tool

  attackcyberdefensecybersecuritydetectiondigital-forensicsemailfreeincident-responseindicators-of-compromisemalwaremispphishingphishing-detectionpythonscriptthehivethehive4thehive4pythreat-intelligencewebapp
  Language:Python 1120

• rezaduty / cybersecurity-career-path

  Cybersecurity Career Path

  cyber-threat-analystcybersecurity-career-pathdigital-forensicspentestingroadmap
  1088

• dfir-iris / iris-web

  Collaborative Incident Response platform

  csirt-toolingdigital-forensicsdigital-forensics-incident-responseforensicforensic-analysisforensic-toolsincident-responsepython
  Language:JavaScript 1035
• ForensicsTools

  mesquidar / ForensicsTools

  A list of free and open forensics analysis tools and other resources

  awesome-listcomputer-foredigital-forensicsforensic-analysisforensic-toolsforensicsforensics-investigationsfreeimage-analysislinuxmacosmetadametadatanetworkopen-sourcetimelinetoolswindows
  1017

• sepinf-inc / IPED

  IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

  forensicrecoverydigital-forensics
  Language:Java 943
• whatfiles

  spieglt / whatfiles

  Log what files are accessed by any Linux process

  filesystem-eventsdigital-forensicslinux-utilities
  Language:C 939
• AzureHunter

  darkquasar / AzureHunter

  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

  azforensicsazureazure-forensicsazuresearchercloud-forensicscybersecuritydfirdigital-forensicsincident-responsepowershellv5threat-huntingthreathuntingunifiedauditlog
  Language:PowerShell 769
• Kuiper

  DFIRKuiper / Kuiper

  Digital Forensics Investigation Platform

  dfirsecurityincident-responseartifactsparserdigital-forensics
  Language:JavaScript 758

• AvillaDaniel / AvillaForensics

  Avilla Forensics 3.0

  mobileforensicswhatsapptelegramsignaladbandroidadb-commandsiosapktoolforensics-toolsdowngradedowngrade-attackforensic-analysisdevicesinstagramextratormobile-forensicsdigital-forensicswhatsapp-parser
  Language:C# 685

• ashemery / LinuxForensics

  Everything related to Linux Forensics

  dfirdigital-forensicsforensicsinvestigationslinux
  Language:Shell 672

• evild3ad / MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  dfirdigital-forensicsincident-responselive-responsememory-forensicsmemprocfspowershell
  Language:PowerShell 484

• dfirtrack / dfirtrack

  DFIRTrack - The Incident Response Tracking Application

  dfirdigital-forensicsincident-managementincident-responseincident-response-tooling
  Language:Python 479

• ivbeg / awesome-forensicstools

  Awesome list of digital forensic tools

  awesomeawesome-listforensicsforensic-analysisdigital-forensicsmetadatainvestigative-journalism
  477
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  thehiveanalyzercortexfreefree-softwareopen-sourceobservableiocjsonincident-responsedigital-forensicsdfircyber-threat-intelligencepythonenrichment
  Language:Python 430
• TheHiveDocs

  TheHive-Project / TheHiveDocs

  Documentation of TheHive

  mispsecurity-incidentsiocsthehivecortexadministration-guideanalyzerrestapiincident-responsedigital-forensicsanalystdfirfreefree-softwaredocumentationopen-sourceplatformthehive-project
  391
• Linux-Incident-Response

  vm32 / Linux-Incident-Response

  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response

  digital-forensicsdigital-forensics-incident-responseincident-responseirlinux
  Language:Shell 356

• cyb3rmik3 / MDE-DFIR-Resources

  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

  curated-collectionscurated-listdfirdigital-forensicsdigital-forensics-incident-responseincident-responselive-responsemdemicrosoftmicrosoft-defender-for-endpointresourceskqlkustokusto-querykusto-query-language
  348
• catalyst

  SecurityBrewery / catalyst

  Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

  soarincident-responsedigital-forensicsdfir
  Language:Vue 326

• digitalisx / awesome-memory-forensics

  A curated list of awesome Memory Forensics for DFIR

  digital-forensicsincident-responsedigital-forensics-incident-responsememorymemory-analysismalwareawesome-listawesomemalware-analysismalware-researchforensics
  319
• horus

  6abd / horus

  An OSINT / digital forensics tool built in Python

  investigationsosintpythonsecuritysecurity-toolsapicryptocryptocurrencycybersecuritydecryptiondigital-forensicsencryptionforensicsinvestigationlocationrequestssteganographytooltoolshacktoberfest
  Language:Python 317
• dfir-toolkit

  dfir-dd / dfir-toolkit

  CLI tools for forensic investigation of Windows artifacts

  clidfirdigital-forensicsdigital-forensics-incident-responseforensic-analysisforensicsforensics-toolsrustrust-lang
  Language:Rust 300

• RealityNet / kobackupdec

  Huawei backup decryptor

  python3huaweiandroiddecryptiondigital-forensics
  Language:Python 290

• MK-Ware / Forensic-Tools

  A collection of tools for forensic analysis

  forensic-analysispythoncookieextract-metadataparseexif-extractormetadatametadata-extractionforensicsexif-data-extractionexif-metadataexifwhatsappfirefoxchromeskypefacebookfacebook-messengerhtml-tabledigital-forensics
  Language:Python 273

• forensicanalysis / artifactcollector

  🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

  dfirdigital-forensicsforensicartifacts
  Language:Go 264
• windows-forensic-artifacts

  Psmths / windows-forensic-artifacts

  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

  forensicsartifactsdfirwindowswindows-11analysisreferencedigital-forensicsforensic-analysisforensicartifactsforensics-investigations
  249

• evild3ad / Collect-MemoryDump

  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

  powershelldfirdigital-forensicsincident-responselive-responsememory-acquisitionmemory-forensics
  Language:PowerShell 215

• TheHive-Project / TheHive4py

  Python API Client for TheHive

  thehiveincident-responsedigital-forensicsfree-softwareopen-sourcedfirfreeapi-clientapipython
  Language:Python 213
• c-aff4

  Velocidex / c-aff4

  An AFF4 C++ implementation.

  compression-formatscompression-librarydigital-forensicsforensics
  Language:C++ 187