sleuthkit

There are 0 repository under sleuthkit topic.

sleuthkit / sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
sleuthkit tct ntfs forensics incident-response
Language:C++ 2919
sumeshi / ntfsfind
An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.
ntfs raw sleuthkit mft e01 python forensics vhd vhdx vmdk dfir
Language:Python 27
sumeshi / ntfsdump
An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.
raw e01 ntfs sleuthkit python forensics vmdk vhd vhdx dfir
Language:Python 22
shujianyang / btrForensics
Forensic Analysis Tool for Btrfs File System.
btrfs sleuthkit forensic-analysis
Language:C++ 21
wv8672 / digital-forensics-labs
A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.
forensics analysis ftk sleuthkit encase-forensic volatility
13
nov3mb3r / dfir
Collection of popular DFIR tools in a lightweight and fast docker image
docker forensics volatility sleuthkit memory-analysis registry-analysis disk-analysis
Language:Dockerfile 12
isciurus / sleuthkit
A fork of The Sleuthkit with XFS filesystem support. See PR https://github.com/sleuthkit/sleuthkit/pull/1476 for more info.
xfs forensics sleuthkit incident-response
Language:C 11
nannib / NBTEMPOW
NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.
forensics forensic-analysis timeline the sleuthkit tsk lazarus windows
Language:Pascal 8
Sim4n6 / Slack_handler
Python tool to extract File slacks from disk images.
digital-forensics extract sleuthkit disk-images
Language:Python 5
franckferman / DataDetective
🕵️‍♂️ Unlock the story hidden in data - Your digital investigation partner. TheSleuthKit (TSK) Python Wrapper.
forensic forensics python python3 forensic-software python-security thesleuthkit dfir dfir-automation disk-forensics python-wrapper sleuthkit tsk wrapper image-forensic image-forensics analysis ewf regripper disk-image
Language:Python 4
tanner-g / iKnowdeDiscovery
Forensic Inode Analysis
forensics-investigations inode sleuthkit
Language:Python 4
Deepak710 / python-sleuthkit-recover
Linux command line thumbstick file recovery script using SleuthKit
python python3 python-3 sleuthkit linux
Language:Python 3
HyperHamster / sleuthkit-recoverdir
A Bash script that utilizes The Sleuth Kit to recover directories in their entirety
bash-script sleuthkit data-recovery command-line command-line-tool
Language:Shell 3
turulomio / recovermypartition
Recover normal and deleted files from a partition
recover-files sleuthkit
Language:Python 3
CERT-EDF / fossil
A post-mortem analysis tool for raw disk/partition images
cli-app dfir dfir-automation post-mortem sleuthkit
Language:Python 1
erfanghorbanee / DigitalForensics-UNIGE
Solutions to some assignments of the Digital Forensics course that I took during my master's degree at UNIGE (University of Genova).
filesystem forensics testdisk sleuthkit
1
labcif / autopsy-packager
Automatic Github Workflows packager for autopsy
autopsy packager packaging sleuthkit forensics github-workflows automation archlinux debian debian-packages
Language:Shell 1
sumeshi / sleuthkit-mactime.py
A Python reimplementation of mactime.pl from The Sleuth Kit®.
dfir forensics mactime mft python python3 sleuthkit
Language:Perl 1
tgmars / flshell
An interactive shell for The Sleuth Kit's fls tool.
tsk sleuthkit interactive shell icat istat forensics disk-image dfir
Language:Go 1
usrtem / Digital-Forensics-Labwork
A collection of digital forensics lab reports covering Linux artifact recovery, shell history analysis, bash script forensics, and incident reconstruction using tools like SleuthKit, Auditd, and command-line utilities.
auditd bash-artifacts cron digital-forensics e3 forensic-analysis ftk-imager incident-response linux-forensics mactime mobile-forensics shell-history sleuthkit steganalysis timeline-analysis
1
TSKConnector
sequence-sh / TSKConnector
This repository is a mirror of https://gitlab.com/sequence/connectors/tsk
automation orchestration edrm ediscovery forensics sequence tsk sleuthkit autopsy
Language:C#

sleuthkit

sleuthkit / sleuthkit

sumeshi / ntfsfind

sumeshi / ntfsdump

shujianyang / btrForensics

wv8672 / digital-forensics-labs

nov3mb3r / dfir

isciurus / sleuthkit

nannib / NBTEMPOW

Sim4n6 / Slack_handler

franckferman / DataDetective

tanner-g / iKnowdeDiscovery

Deepak710 / python-sleuthkit-recover

HyperHamster / sleuthkit-recoverdir

turulomio / recovermypartition

CERT-EDF / fossil

erfanghorbanee / DigitalForensics-UNIGE

labcif / autopsy-packager

sumeshi / sleuthkit-mactime.py

tgmars / flshell

usrtem / Digital-Forensics-Labwork

sequence-sh / TSKConnector