❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device…
A curated list of awesome forensic analysis tools and resources
Updated Dec 20, 2018
WinDBG Anti-RootKit Extension
Updated Feb 13, 2018
Python script to decode common encoded PowerShell scripts
Updated Jun 13, 2018
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files …
Updated Aug 4, 2018
A collection of tools for forensic analysis
Updated Dec 26, 2017
WhatsApp Parser Toolset
Updated Jun 22, 2018
Script to remove homoglyphs and zero-width characters to allow for safe distribution of documents from anonymous sour…
Awesome list of digital forensic tools
Updated Mar 28, 2018
CLI utility and Python API for analyzing log files and other data.
Rootkit Detector for UNIX
Updated May 31, 2018
Ruby gem to measure images similarity
Updated Jul 31, 2018
Analyze and help extract older "hidden" versions of a pdf from the current pdf.
Updated Aug 18, 2018
Tools for inspecting VM disk images
Updated Nov 23, 2018
Recover files from damaged BTRFS filesystems
Updated Feb 18, 2019
The Python implementation of the AFF4 standard.
Updated Feb 12, 2019
CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)
Updated Apr 18, 2018
Forensic Analysis Tool for Btrfs File System.
Updated Aug 6, 2018
Repo for Reports on forensic analysis of various File Systems (NoWare to Hide)
Updated Jul 3, 2018
hook detector using emulation and comparing static with dynamic outputs
Updated Jun 16, 2018
Logs Forensic Investigator SSH
Updated Oct 27, 2018
PowerShell wrapper for WinDump
Updated Feb 18, 2017
A dedicated repo to interact with the API of Timesketch
Updated Jan 10, 2019
A powerful forensic commandline tool for analyzing Microsoft Prefetch files.
Updated May 2, 2018
A curated list of digital forensic tools.
NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf, physicaldrive, etc.)…
Updated Mar 29, 2017
Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.
Updated Oct 13, 2018
Dockerfile with tools for analyzing malicious documents.
Updated Dec 3, 2017
Extracts JPEGs from Android Thumbdata3 files, and similar
Updated Oct 8, 2018
A logfile analysis tool for cyberforensics investigators.
Updated Aug 16, 2018