The Top 78 Forensics Open Source Projects

Awesome Open Source

Awesome Open Source

Combined Topics

Advertising 📦 10

Application Programming Interfaces 📦 124

Applications 📦 192

Artificial Intelligence 📦 78

Blockchain 📦 73

Build Tools 📦 113

Cloud Computing 📦 80

Code Quality 📦 28

Collaboration 📦 32

Command Line Interface 📦 49

Community 📦 83

Companies 📦 60

Compilers 📦 63

Computer Science 📦 80

Configuration Management 📦 42

Content Management 📦 175

Control Flow 📦 213

Data Formats 📦 78

Data Processing 📦 276

Data Storage 📦 135

Economics 📦 64

Frameworks 📦 215

Graphics 📦 110

Hardware 📦 152

Integrated Development Environments 📦 49

Learning Resources 📦 166

Libraries 📦 129

Lists Of Projects 📦 22

Machine Learning 📦 347

Mapping 📦 64

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 98

Networking 📦 315

Operating Systems 📦 89

Operations 📦 121

Package Managers 📦 55

Programming Languages 📦 245

Runtime Environments 📦 100

Science 📦 42

Security 📦 396

Social Media 📦 27

Software Architecture 📦 72

Software Development 📦 72

Software Performance 📦 58

Software Quality 📦 133

Text Editors 📦 49

Text Processing 📦 136

User Interface 📦 330

User Interface Components 📦 514

Version Control 📦 30

Virtualization 📦 71

Web Browsers 📦 42

Web Servers 📦 26

Web User Interface 📦 210

The Top 78 Forensics Open Source Projects

Categories > Security > Forensics

Radare2 ⭐ 14,700

UNIX-like reverse engineering framework and command-line toolset

MVT is a forensic tool to look for signs of infection in smartphone devices

Infosec_reference ⭐ 3,900

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Prowler ⭐ 3,632

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

Free Security Ebooks ⭐ 3,001

Free Security and Hacking eBooks

Blackhat Arsenal Tools ⭐ 2,501

Official Black Hat Arsenal Security Tools Repository

Sleuthkit ⭐ 1,864

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Oletools ⭐ 1,668

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Timesketch ⭐ 1,654

Collaborative forensic timeline analysis

Awesome Hacking ⭐ 1,651

Awesome hacking is an awesome collection of hacking tools.

Gohacktools ⭐ 1,371

Hacker tools on Go (Golang)

Autopsy ⭐ 1,300

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

Tcpflow ⭐ 1,285

TCP/IP packet demultiplexer. Download from:

Pentesting_toolkit ⭐ 1,268

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

Pcapxray ⭐ 1,167

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

Plaso ⭐ 1,119

Super timeline all the things

Tracking history of USB events on GNU/Linux

Memlabs ⭐ 800

Educational, CTF-styled labs for individuals interested in Memory Forensics

Hindsight ⭐ 638

Web browser forensics for Google Chrome/Chromium

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Operative Framework ⭐ 531

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

Turbinia ⭐ 486

Automation and Scaling of Digital Forensics Tools

A single file container/archive that can be reconstructed even after total loss of file system structures

Awesome Forensics ⭐ 470

Awesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics.

OSINT Swiss Army Knife

A Linux packet crafting tool.

Swap_digger ⭐ 385

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Mac_apt ⭐ 385

macOS (& ios) Artifact Parsing Tool

Hackdroid ⭐ 365

Android Apps, Roms and Platforms for Pentesting

Flare Wmi ⭐ 364

Docker Explorer ⭐ 357

A tool to help forensicate offline docker acquisitions

Malconfscan ⭐ 342

Volatility plugin for extracts configuration data of known malware

Ir Rescue ⭐ 333

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Recuperabit ⭐ 304

A tool for forensic file system reconstruction.

Meerkat ⭐ 298

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Adtimeline ⭐ 280

Timeline of Active Directory changes with replication metadata

Invtero.net ⭐ 242

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

Forensicstools ⭐ 236

A list of free and open forensics analysis tools and other resources

Userline ⭐ 224

Query and report user logons relations from MS Windows Security Events

Forensic Tools ⭐ 220

A collection of tools for forensic analysis

Linuxforensics ⭐ 220

Everything related to Linux Forensics

Awesome Forensicstools ⭐ 216

Awesome list of digital forensic tools

Whatsdump ⭐ 215

Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)

Ctf Tools ⭐ 213

Useful CTF Tools

FAT filesystems explore, extract, repair, and forensic tool

Pypowershellxray ⭐ 193

Python script to decode common encoded PowerShell scripts

Rebel Framework ⭐ 183

Advanced and easy to use penetration testing framework 💣🔎

SIEM Tactics, Techiques, and Procedures

Remote Desktop Caching ⭐ 178

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Joincap ⭐ 166

Merge multiple pcap files together, gracefully.

Dfir_resources_revil_kaseya ⭐ 151

Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack

An AFF4 C++ implementation.

Artifacts Kit ⭐ 131

Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.

Malware Behavior Analyzer

Hibr2bin ⭐ 118

Comae Hibernation File Decompressor

Invoke Liveresponse ⭐ 118

Invoke-LiveResponse

Information Security Tasks ⭐ 114

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Rifiuti2 ⭐ 100

Windows Recycle Bin analyser

Image Copy Move Detection ⭐ 98

Copy-move forgery detection on digital image using Python

Icpr2020dfdc ⭐ 92

Video Face Manipulation Detection Through Ensemble of CNNs

UAC (Unix-like Artifacts Collector) is a Live Response collection tool for Incident Reponse that makes use of built-in tools to automate the collection of Unix-like systems artifacts. Supported systems: AIX, FreeBSD, Linux, macOS, NetBSD, Netscaler, OpenBSD and Solaris.

Dfw1n Osint ⭐ 81

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Whatsapp Key Database Extractor ⭐ 79

The most advanced and complete solution for extracting WhatsApp key/DB from package directory (/data/data/com.whatsapp) without root access

Mobile Revelator

Etl Parser ⭐ 73

Event Trace Log file parser in pure Python

Metaforge ⭐ 68

An OSINT Metadata analyzing tool that filters through tags and creates reports

Itunes_backup_reader ⭐ 65

Python 3 Script to parse out iTunes backups

Bramble is a hacking Open source suite.

Autotimeliner ⭐ 58

Automagically extract forensic timeline from volatile memory dump

Parses $MFT from NTFS file systems

🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening

Amt Forensics ⭐ 40

Retrieve Intel AMT's Audit Log from a Linux machine without knowing the admin user's password.

Dumproid ⭐ 36

Android process memory dump tool without ndk.

Alcide Kubernetes Audit Log Analyzer - Alcide kAudit

A FUSE module to mount captured network data

Powerful checksum generator!

tamper resistant audit log

1-78 of 78 projects

Advertising 📦 10

Application Programming Interfaces 📦 124

Applications 📦 192

Artificial Intelligence 📦 78

Blockchain 📦 73

Build Tools 📦 113

Cloud Computing 📦 80

Code Quality 📦 28

Collaboration 📦 32

Command Line Interface 📦 49

Community 📦 83

Companies 📦 60

Compilers 📦 63

Computer Science 📦 80

Configuration Management 📦 42

Content Management 📦 175

Control Flow 📦 213

Data Formats 📦 78

Data Processing 📦 276

Data Storage 📦 135

Economics 📦 64

Frameworks 📦 215

Graphics 📦 110

Hardware 📦 152

Integrated Development Environments 📦 49

Learning Resources 📦 166

Libraries 📦 129

Lists Of Projects 📦 22

Machine Learning 📦 347

Mapping 📦 64

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 98

Networking 📦 315

Operating Systems 📦 89

Operations 📦 121

Package Managers 📦 55

Programming Languages 📦 245

Runtime Environments 📦 100

Science 📦 42

Security 📦 396

Social Media 📦 27

Software Architecture 📦 72

Software Development 📦 72

Software Performance 📦 58

Software Quality 📦 133

Text Editors 📦 49

Text Processing 📦 136

User Interface 📦 330

User Interface Components 📦 514

Version Control 📦 30

Virtualization 📦 71

Web Browsers 📦 42

Web Servers 📦 26

Web User Interface 📦 210