The Top 522 Forensics Open Source Projects on Github

Awesome Open Source

Awesome Open Source

Combined Topics

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

The Top 522 Forensics Open Source Projects on Github

Categories > Security > Forensics

Radare2 ⭐ 15,709

UNIX-like reverse engineering framework and command-line toolset

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Prowler ⭐ 4,762

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Infosec_reference ⭐ 4,169

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Free Security Ebooks ⭐ 2,988

Free Security and Hacking eBooks

Blackhat Arsenal Tools ⭐ 2,518

Official Black Hat Arsenal Security Tools Repository

Sleuthkit ⭐ 1,962

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Timesketch ⭐ 1,828

Collaborative forensic timeline analysis

Awesome Hacking ⭐ 1,807

Awesome hacking is an awesome collection of hacking tools.

Oletools ⭐ 1,797

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Gohacktools ⭐ 1,450

Hacker tools on Go (Golang)

Autopsy ⭐ 1,420

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

Tcpflow ⭐ 1,287

TCP/IP packet demultiplexer. Download from:

Plaso ⭐ 1,207

Super timeline all the things

Pcapxray ⭐ 1,145

❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

Tracking history of USB events on GNU/Linux

Memlabs ⭐ 689

Educational, CTF-styled labs for individuals interested in Memory Forensics

Hindsight ⭐ 680

Web browser forensics for Google Chrome/Chromium

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Turbinia ⭐ 519

Automation and Scaling of Digital Forensics Tools

A single file container/archive that can be reconstructed even after total loss of file system structures

Operative Framework ⭐ 451

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

Mac_apt ⭐ 437

macOS (& ios) Artifact Parsing Tool

Hackdroid ⭐ 413

PENTESTING USING ANDROID

OSINT Swiss Army Knife

Awesome Forensics ⭐ 382

Awesome Forensics Resources. Almost 300 open source forensics tools, and 600 blog posts about forensics.

Docker Explorer ⭐ 376

A tool to help forensicate offline docker acquisitions

A Linux packet crafting tool.

Swap_digger ⭐ 376

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Flare Wmi ⭐ 372

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

Iris Web ⭐ 357

Incident Response collaborative platform

Malconfscan ⭐ 345

Volatility plugin for extracts configuration data of known malware

Recuperabit ⭐ 338

A tool for forensic file system reconstruction.

Ir Rescue ⭐ 309

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Meerkat ⭐ 306

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Adtimeline ⭐ 305

Timeline of Active Directory changes with replication metadata

Hayabusa ⭐ 265

Hayabusa is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs written in Rust.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

Forensicstools ⭐ 241

A list of free and open forensics analysis tools and other resources

Awesome Event Ids ⭐ 229

Collection of Event ID ressources useful for Digital Forensics and Incident Response

Forensic Tools ⭐ 220

A collection of tools for forensic analysis

Invtero.net ⭐ 219

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

Userline ⭐ 217

Query and report user logons relations from MS Windows Security Events

Linuxforensics ⭐ 217

Everything related to Linux Forensics

Whatsdump ⭐ 215

Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)

SIEM Tactics, Techiques, and Procedures

FAT filesystems explore, extract, repair, and forensic tool

Pypowershellxray ⭐ 184

Python script to decode common encoded PowerShell scripts

Ctf Tools ⭐ 173

Useful CTF Tools

Mindmaps ⭐ 172

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Joincap ⭐ 159

Merge multiple pcap files together, gracefully.

Whatsapp Key Database Extractor ⭐ 155

The most advanced and complete solution for extracting WhatsApp key/DB from package directory (/data/data/com.whatsapp) without root access

Remote Desktop Caching ⭐ 155

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Robot_hacking_manual ⭐ 144

Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.

Regrippy ⭐ 130

A modern Python-3-based alternative to RegRipper

Information Security Tasks ⭐ 126

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Malware Behavior Analyzer

UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts.

Invoke Liveresponse ⭐ 118

Invoke-LiveResponse

A library for reading PST files (written in Go/Golang).

Windowstimeline ⭐ 113

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

Dfir O365rc ⭐ 110

PowerShell module for Office 365 and Azure log collection

Icpr2020dfdc ⭐ 108

Video Face Manipulation Detection Through Ensemble of CNNs

Awesome Forensicstools ⭐ 107

Awesome list of digital forensic tools

Hibr2bin ⭐ 106

Comae Hibernation File Decompressor

Open Source SIEM (Security Information and Event Management system).

Rdpcachestitcher ⭐ 106

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Win 10 related research

Android Mobile Device Hardening

Rifiuti2 ⭐ 97

Windows Recycle Bin analyser

Image Copy Move Detection ⭐ 93

Copy-move forgery detection on digital image using Python

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

An AFF4 C++ implementation.

Macforensics ⭐ 92

Scripts to process macOS forensic artifacts

Yara Forensics ⭐ 91

Set of Yara rules for finding files using magics headers

pcqf (PC Quick Forensics) helps quickly gathering forensic evidence from Windows, Mac, and Linux systems, in order to identify potential traces of compromise.

Forensic Analysis for Mobile Apps (FAMA) -- module for the Autopsy Forensic Browser

Dfw1n Osint ⭐ 83

Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers

Logdissect ⭐ 82

CLI utility and Python module for analyzing log files and other data.

Wipedicks ⭐ 81

Wipe files and drives securely with randoms ASCII dicks

Sift Saltstack ⭐ 81

Salt States for Configuring the SIFT Workstation

Bootcode_parser ⭐ 75

A boot record parser that identifies known good signatures for MBR, VBR and IPL.

The scalable, auditable and high-performance tamper-evident log project

Invoke Forensics ⭐ 65

Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.

Stringsext ⭐ 62

Find multi-byte-encoded strings in binary data (Gitlab mirror).

Nsa Codebreaker 2020 ⭐ 62

My solutions to the 2020 NSA Codebreaker Challenge

Rair Core ⭐ 62

RAIR: RAdare In Rust

Spotlight_parser ⭐ 61

Read and extract data from macOS spotlight databases

Parses $MFT from NTFS file systems

Etl Parser ⭐ 57

Event Trace Log file parser in pure Python

Mobile Revelator

Itunes_backup_reader ⭐ 54

Python 3 Script to parse out iTunes backups

Crc Manipulator ⭐ 54

Change CRC checksums of your files.

volatility explorer

Ctf Write Ups ⭐ 51

Write-ups for CTF challenges.

Vss_carver ⭐ 51

Carves and recreates VSS catalog and store from Windows disk image.

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.

Fileless persistence, attacks and anti-forensic capabilties.

1-100 of 522 projects

Related Projects

Python Forensics Projects (181)

Forensics Dfir Projects (84)

Security Forensics Projects (81)

Forensics Forensic Analysis Projects (49)

Ctf Forensics Projects (46)

Shell Forensics Projects (44)

Windows Forensics Projects (42)

Reverse Engineering Forensics Projects (39)

Cryptography Forensics Projects (39)

Advertising 📦 9

Application Programming Interfaces 📦 120

Applications 📦 181

Artificial Intelligence 📦 72

Blockchain 📦 70

Build Tools 📦 111

Cloud Computing 📦 79

Code Quality 📦 28

Collaboration 📦 30

Command Line Interface 📦 48

Community 📦 81

Companies 📦 60

Compilers 📦 60

Computer Science 📦 74

Configuration Management 📦 39

Content Management 📦 167

Control Flow 📦 197

Data Formats 📦 77

Data Processing 📦 266

Data Storage 📦 132

Economics 📦 60

Frameworks 📦 198

Graphics 📦 103

Hardware 📦 148

Integrated Development Environments 📦 47

Learning Resources 📦 147

Libraries 📦 119

Lists Of Projects 📦 21

Machine Learning 📦 336

Mapping 📦 61

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 97

Networking 📦 304

Operating Systems 📦 84

Operations 📦 120

Package Managers 📦 52

Programming Languages 📦 229

Runtime Environments 📦 96

Science 📦 42

Security 📦 375

Social Media 📦 26

Software Architecture 📦 70

Software Development 📦 68

Software Performance 📦 57

Software Quality 📦 127

Text Editors 📦 45

Text Processing 📦 131

User Interface 📦 310

User Interface Components 📦 465

Version Control 📦 29

Virtualization 📦 68

Web Browsers 📦 38

Web Servers 📦 25

Web User Interface 📦 194

"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.

All non readme contents or Github based topics or project metadata copyright Awesome Open Source 2018-2022