forensics-investigations

There are 16 repositories under forensics-investigations topic.

• velociraptor

  Velocidex / velociraptor

  Digging Deeper....

  incident-responseforensics-investigationsinventory-managementendpoint-securityendpoint-protectionendpoint-discoverydigital-forensics
  Language:Go 2701
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  digitalforensicsdigitalforensicreadinessforensicssecurityforensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsosintdfir
  Language:Python 1373
• ForensicsTools

  mesquidar / ForensicsTools

  A list of free and open forensics analysis tools and other resources

  forensicsdigital-forensicscomputer-foreforensic-analysisforensics-investigationsforensic-toolstoolsfreeopen-sourceawesome-listmetadametadataimage-analysistimelinenetworkwindowsmacoslinux
  906

• Johnng007 / Live-Forensicator

  Powershell Script to aid Incidence Response and Live Forensics | Bash Script for MacOS Live Forensics and Incidence Response

  basheventlog-analysiseventlogsforensicatorforensicsforensics-investigationsincident-responselive-forensiclog4jmacospowershellransomeware
  Language:JavaScript 491

• CScorza / OSINT-FORENSICS-MOBILE

  Tools OSINT MOBILE

  forensicsforensics-dataforensics-investigationsmessengerosintosint-resourcesosint-toolretesmartphonesmartphone-appsmartphone-interactionsocial-network-analysis
  475

• redaelli / imago-forensics

  Imago is a python tool that extract digital evidences from images.

  forensics-investigationsdfirimage-analysispythonincident-response
  Language:Python 238

• Viralmaniar / Remote-Desktop-Caching-

  This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

  blueteamredteamhackinginternal-pentestpenetration-testingredteamingforensicsforensics-investigationsforensic-analysisinfrastructure-monitoringblue-teamhacking-toolshacking-attack-toolspurpleteam
  Language:Python 210
• windows-forensic-artifacts

  Psmths / windows-forensic-artifacts

  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

  forensicsartifactsdfirwindowswindows-11analysisreferencedigital-forensicsforensic-analysisforensicartifactsforensics-investigations
  204

• CScorza / Analisi-Digital-Forense

  Strumenti di Acquisizione e Analisi di copie Forensi

  best-practicesdifrdigitalforensic-analysisforensicsforensics-investigationsforensics-toolslinuxmacostoolswindows
  137

• hashlookup / hashlookup-forensic-analyser

  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/

  bloom-filterdfirdfir-automationforensic-analysisforensics-investigationshashlookupnsrlnsrllookup
  Language:Python 116

• digitalsleuth / WIN-FOR

  Windows Forensics Environment Builder

  forensicsforensics-investigationsforensics-toolswindows
  Language:C# 95

• resurrecting-open-source-projects / dcfldd

  Enhanced version of dd for forensics and security

  forensicsforensic-analysisforensics-investigationsrecovering-datarecovery-imagewipe
  Language:C 89

• PacktPublishing / Digital-Forensics-with-Kali-Linux

  Digital Forensics with Kali Linux, published by Packt

  kali-linuxkali-scriptsdigital-forensicsforensicsmobile-securityhackingbrute-force-attacksinvestigationforensics-investigationspenetration-testingpentestingpentest-tool
  87

• nshadov / screensaver-mouse-jiggler

  Hardware arduino based mouse emulator, preventing screen saver locking (eg. during forensic investigation)

  securityforensicsforensics-investigationsscreensaver-mouse-jigglerscreensaverarduino-device
  Language:C++ 81
• Judge-Jury-and-Executable

  AdamWhiteHat / Judge-Jury-and-Executable

  A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

  securitythreat-huntingantivirusscannerquery-languagecsharpforensics-level-scanningforensicsmftthreat-monitorforensic-analysisforensics-investigationsyarayara-scanneryara-rules
  Language:C# 78

• x4nth055 / ethical-hacking-tools-python

  Python programs & tools built in the Ethical Hacking with Python EBook

  email-extractorethical-hackingethical-hacking-toolsforensics-investigationsinformation-gatheringmalware-developmentpassword-crackernetwork-securitypacket-manipulationscapy
  Language:Python 70

• bitranox / fingerprint

  Monitoring Registry and File Changes in Windows

  python3windows-10windows-7windowsregistryregistry-hacksregistry-dataregistry-scriptshacking-toolhacking-toolshacking-codehackinghackingtoolhackingtoolsforensicsforensicforensics-investigationsforensic-analysisforensic-examinationsprocmon
  Language:Python 64

• MrMugiwara / FTK-imager-OSX

  FTK Imager a Forensics Tools For MAC OS X

  forensics-investigationsmacosxdigital-forensicsftk-imager
  61

• paulveillard / cybersecurity-forensics

  A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

  digital-forensicsforensic-analysisforensics-toolsforensicsforensics-investigationsforensics-101cybersecurityfreeopen-sourceopen-discoveryopen-data
  57

• alephdata / ingest-file

  Ingestors extract the contents of mixed unstructured documents into structured (followthemoney) data.

  documentsexcelforensicsforensics-investigationsmetadata-extractionocremail-forensicsdocument-extraction
  Language:Python 52

• zweilosec / PowerShell-Administration-Tools

  Powershell scripts for automating common system administration, blue team, and digital forensics tasks

  powershell-scriptspowershellpowershell-adminscriptssystem-administrationautomationforensics-investigationsforensicsoffensive-securityred-teamredteam
  Language:PowerShell 52

• emrekybs / MrHandler

  Linux Incident Response Reporting

  cyber-securityforensics-investigationsforensics-toolsincident-managementincident-responseincident-response-toolinglinuxpython
  Language:HTML 51

• drivebadger / drivebadger

  Open source platform for covert data exfiltration operations, supporting all device types: computers, servers, mobile phones, tablets, pen drives and photo cameras.

  evidenceexfiltrateexfiltrationexfiltratorforensicsforensics-investigationskali-linuxlaw-enforcementlinuxluks-encryptionpolicepolice-officersraspberry-piraspberrypiraspbianrsyncsecuritysystemdusbusb-drive
  Language:Shell 44

• nipunjaswal / networkforensics

  Hands-On Network Forensics by Nipun Jaswal

  forensicsforensics-investigationsnetwork-forensicspcap-analyzermalware-analysis
  Language:Python 37

• matkowski-voy / Palmprint-Recognition-in-the-Wild

  palmprint-recognitionin-the-wildbiometricsforensicsbiometric-identificationpalmprint-roiuncontrolled-environmentuncooperative-environmentforensics-investigationsforensic-analysispalmpalmprintbiometric-analysispalmprintid
  Language:MATLAB 32

• KeL3vRa / TelegramExporter

  Telegram Exporter is a forensic tool to extract all chats of a given Telegram account.

  telegramforensicsforensics-investigationspythonpyrogramchatchat-logexportlog
  Language:Python 29

• r3k4t / phone-number-info

  Phone-number-info is a Phone Number Information Gathering Tool.

  pythonforensics-investigationsforensic-analysissecurity-researchsecurity-testingsoftware-engineeringnetwork-engineeringsoftware-development
  Language:Python 25

• INTERPOL-Innovation-Centre / HardwareWallets_DF_List

  List of Hardware Wallets for Digital Forensics

  bitcoinwalletsforensics-investigations
  22
• CybernetiX-S3C.github.io

  CybernetiX-S3C / CybernetiX-S3C.github.io

  This is the OFFICIAL CybernetiX S3C website.

  speedtestinformation-gatheringinformation-securityforensics-investigationsethical-hackingethical-artificial-intelligenceartificial-intelligenceipip-gathesk-wps-crackersk-wcextractwificardinfosecinfosploitip-lookupgeolocation
  Language:HTML 21

• iandday / o365AuditParser

  Microsoft Office365 Protection Center Audit Log Parser

  python3forensics-investigationsdfir
  Language:Python 21

• steffenfritz / FileTrove

  FileTrove indexes files and creates metadata from them.

  digipresdigital-preservationforensicsforensics-investigations
  Language:Go 21

• nipunjaswal / Wireless-forensics-framework

  Wireless Forensics Framework In Python

  wireless-forensicspythonportableforensics-investigations
  Language:Python 20

• AvillaDaniel / Signal-Forensics

  Signal database acquisition and decryption.

  androidforensicsforensics-investigationsforensics-signalforensics-toolssignalsignal-forensicssignal-processing
  18

• r3k4t / onionnux

  Onionnux is a onionsite(DEEPNET/DARKNET) tool.It can help to idenitfy onionsite is active or onionsite server name.

  socks5-proxypython-requestspython-pyfigletsecurity-auditonion-routingwebsite-vulnerabilitysecurity-researchsoftware-engineeringbugbountyforensics-investigationssecurity-analysis
  Language:Python 17

• AlecRandazzo / Packrat

  Live system forensic collector

  edr-toolsetsdfirforensicsforensics-investigationsincident-response-toolingincident-response
  Language:Go 16

• Shubhamkhapra / Email_header_analysis_forensic

  This tool help to find email header hop list . Also help to SpF and DKIM signature verification. You can check all mail is legitimate or not

  emailforensics-investigationsemail-forensicsspf-recorddkim-signaturehopsanalysisemail-senderemail-verificationflask-applicationpythonheroku
  Language:HTML 14