[3337 stars][11d] [Py] google/grr remote live forensics for incident response
[1912 stars][13d] [Shell] toniblyx/prowler AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide:
[1017 stars][12d] [Rich Text Format] decalage2/oletools python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
[485 stars][26d] [Py] netflix-skunkworks/diffy a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
[98 stars][6y] [Py] matonis/page_brute a digital forensic tool purposed to analyze and categorize individual paged memory frames from Windows page files by applying YARA-based signatures to fixed-size blocks of pagefile.sys
[64 stars][1y] [Py] ralphje/imagemounter Command line utility and Python package to ease the (un)mounting of forensic disk images
[63 stars][3m] [C] carmaa/interrogate a proof-of-concept tool for identification of cryptographic keys in binary material (regardless of target operating system), first and foremost for memory dump analysis and forensic usage.
[31 stars][2y] [Py] bltsec/violent-python3 Python 3 scripts based on lessons learned from Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers by TJ O'Connor.
[23 stars][3m] [Pascal] nannib/imm2virtual This is a GUI (for Windows 64 bit) for a procedure to virtualize your EWF (E01), DD (raw) or AFF disk image file without converting it, directly with VirtualBox, in a forensically sound way.
[15 stars][2m] [Dockerfile] bitsofinfo/comms-analyzer-toolbox Tool for forensic analysis, search and graphing of communications content such as email MBOX files and CSV text message data using Elasticsearch and Kibana
[13 stars][10m] [Shell] matthewclarkmay/ftriage Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.
[9 stars][8y] [Perl] superponible/search-strings-extension srch_strings is a useful tool in digital forensics. Using the "-t d" option will give a byte location for the string. This repository contains two scripts that automatically map the byte location to the filesystem block containing the string.
[3 stars][1y] [Py] inp2/sherlock a digital forensic analysis toolkit that relies on graph theory, link analysis, and probabilistic graphical models in order to aid the examiner in digital forensic investigations.
[127 stars][11m] [Shell] wmal/kodachi Linux Kodachi operating system, based on Xubuntu 18.04, provides you with a secure, anti-forensic, and anonymous operating system, considering all features that a person who is concerned about privacy would need in order to be secure.
[71 stars][3y] [Py] monnappa22/hollowfind a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect and divert forensic analysis techniques
[19 stars][3y] [Py] monnappa22/psinfo Psinfo is a Volatility plugin which collects process-related information from the VAD (Virtual Address Descriptor) and PEB (Process Environment Block) and displays the collected information and suspicious memory regions for all the processes running on the system. This plugin should allow a security analyst to get the process related informa…
[18 stars][3y] [Py] bridgeythegeek/editbox EditBox is a plugin for the Volatility Framework. It extracts the text from Windows Edit controls, that is, textboxes as generated by Windows Common Controls.
[7 stars][4y] [Py] bridgeythegeek/ndispktscan NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.
[7 stars][4m] [Java] esterhlav/black-scholes-option-pricing-model Black Scholes Option Pricing calculator with Greeks and implied volatility computations. Geometric Brownian Motion simulator with payoff value diagram and volatility smile plots. Java GUI.
[10 stars][3y] [C] t0t3m/afkit Anti live forensic Linux LKM rootkit
[3 stars][2y] [Pascal] esperti/nbtempox a GNU/Linux forensic tool for making timelines (in CSV format) from block device image files (raw, EWF, physicaldrive, etc.)
"Awesome Forensics" and other potentially trademarked words, copyrighted images and copyrighted readme contents likely belong to the legal entity who owns the "Alphaseclab" organization. Awesome Open Source is not affiliated with the legal entity who owns the "Alphaseclab" organization.