sleuthkit

There are 0 repository under sleuthkit topic.

• sleuthkit / sleuthkit

  The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

  sleuthkittctntfsforensicsincident-response
  Language:C 2497

• shujianyang / btrForensics

  Forensic Analysis Tool for Btrfs File System.

  btrfssleuthkitforensic-analysis
  Language:C++ 16

• sumeshi / ntfsdump

  An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.

  e01forensicsntfspythonrawsleuthkitvhdvhdxvmdk
  Language:Python 16

• sumeshi / ntfsfind

  An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.

  e01forensicsmftntfspythonrawsleuthkitvhdvhdxvmdk
  Language:Python 16

• wv8672 / digital-forensics-labs

  A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.

  forensicsanalysisftksleuthkitencase-forensicvolatility
  12

• isciurus / sleuthkit

  A fork of The Sleuthkit with XFS filesystem support. See PR https://github.com/sleuthkit/sleuthkit/pull/1476 for more info.

  xfsforensicssleuthkitincident-response
  Language:C 10

• nov3mb3r / dfir

  Collection of popular DFIR tools in a lightweight and fast docker image

  dockerforensicsvolatilitysleuthkitmemory-analysisregistry-analysisdisk-analysis
  Language:Dockerfile 9

• nannib / NBTEMPOW

  NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.

  forensicsforensic-analysistimelinethesleuthkittsklazaruswindows
  Language:Pascal 7

• Sim4n6 / Slack_handler

  Python tool to extract File slacks from disk images.

  digital-forensicsdisk-imagesextractsleuthkit
  Language:Python 5

• tanner-g / iKnowdeDiscovery

  Forensic Inode Analysis

  forensics-investigationsinodesleuthkit
  Language:Python 4

• Deepak710 / python-sleuthkit-recover

  Linux command line thumbstick file recovery script using SleuthKit

  linuxpythonpython-3python3sleuthkit
  Language:Python 3

• HyperHamster / sleuthkit-recoverdir

  A Bash script that utilizes The Sleuth Kit to recover directories in their entirety

  bash-scriptcommand-linecommand-line-tooldata-recoverysleuthkit
  Language:Shell 3

• turulomio / recovermypartition

  Recover normal and deleted files from a partition

  recover-filessleuthkit
  Language:Python 3

• franckferman / DataDetective

  Unlock the story hidden in data - Your digital investigation partner. The Sleuth Kit Python Wrapper.

  automationautomation-forensicsforensicforensic-analysisforensic-examinationsforensic-toolsforensicsforensics-dataforensics-investigationsforensics-toolspythonpython-3python3sleuthkittsk
  Language:Python 2

• labcif / autopsy-packager

  Automatic Github Workflows packager for autopsy

  autopsypackagerpackagingsleuthkitforensicsgithub-workflowsautomationarchlinuxdebiandebian-packages
  Language:Shell 1

• tgmars / flshell

  An interactive shell for The Sleuth Kit's fls tool.

  tsksleuthkitinteractiveshellicatistatforensicsdisk-imagedfir
  Language:Go 1
• TSKConnector

  sequence-sh / TSKConnector

  This repository is a mirror of https://gitlab.com/sequence/connectors/tsk

  automationorchestrationedrmediscoveryforensicssequencetsksleuthkitautopsy
  Language:C#