⭐️ A curated list of awesome forensic analysis tools and resources
-
Updated
Mar 10, 2025
#
computer-forensics
Here are 39 public repositories matching this topic...
❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
python network-diagram security pcap packets network tor traffic forensics cybersecurity computer-forensics forensic-analysis tor-traffic
-
Updated
Mar 28, 2022 - Python
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
macos linux shell freebsd security terminal openbsd script esxi incident-response forensics dfir netscaler collector netbsd solaris aix triage computer-forensics live-response
-
Updated
Mar 20, 2025 - Shell
The best tools and resources for forensic analysis.
security analysis scanner hacking forensics digital-forensics computer-forensics forensic-analysis security-tools forensics-tools
-
Updated
Feb 24, 2023
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
-
Updated
Jan 18, 2022 - Python
-
Updated
Dec 23, 2024
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
linux freebsd security unix openbsd script esxi incident-response posix forensics dfir solaris triage computer-forensics blueteam dfir-automation live-response forensics-tools
-
Updated
Jan 1, 2025 - Shell
This will compile a list of Android, iOS, Linux malware techniques for attacking and detection purposes.
-
Updated
Nov 29, 2022
A Volatility plugin for finding sqlite database rows
-
Updated
Jul 14, 2019 - Python
Kali Linux in Docker + Ubuntu 22.04 in Docker for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. Kali Linux inside with Docker with or without support with systemd, repository also contains Proof of Concept with kind (Kubernetes in Docker) to test Kali Linux with enabled systemd in K8s cluster
docker dockerfile ubuntu docker-compose makefile systemd cybersecurity bug-bounty security-vulnerability kali-linux vulnerability-detection vulnerability-scanners kali computer-forensics security-tools docker-kali-linux buildkit pentesting-tools trivy
-
Updated
Sep 18, 2024 - Dockerfile
An updated C# port of X-Ways X-Tensions API.
-
Updated
Mar 12, 2018 - C#
LiveDiff is a portable system-level differencing tool for Microsoft Windows-based operating systems
-
Updated
Dec 7, 2018 - C#
Extract valid or partially valid domain names and IPs from malicious or invalid URLs.
python url security extractor incident-response domain penetration-testing ip bug-bounty threat-hunting domain-name ethical-hacking computer-forensics threat-intelligence red-team-engagement defensive-security
-
Updated
Jun 19, 2023 - Python
Docker images of open source forensic tools
-
Updated
Nov 9, 2020 - Shell
Access Expert Witness Format (ewf/E01/L01) files using Golang
-
Updated
Mar 25, 2019 - Go
The forensic analysis write-up / walkthrough for forensic disk image.
-
Updated
Jul 23, 2022
A python-based tool to extract forensic info from ActivitiesCache.db (Windows Activity Timeline)
-
Updated
May 3, 2023 - Python
CFREDS case study for subject code: CTMTCS S2 P2
-
Updated
Nov 6, 2022
CTF Suite is a collection of tools you can use during Capture The Flag competitions. These tools are aimed at specific categories of problems and are specific to Jeopardy-style CTFs.
-
Updated
Feb 26, 2021 - Python
Parrot OS (Core/Security) or just Parrot Tools in Docker with the usage of Makefile, Dockerfiles and docker-compose.yaml for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering, repository also contains Proof of Concept with kind (K8s in Docker) for ParrotOS with/without systemd in K8s cluster
docker kubernetes dockerfile docker-compose makefile systemd cybersecurity pentesting parrot computer-forensics parrot-os parrotos
-
Updated
Apr 13, 2024 - Makefile
Improve this page
Add a description, image, and links to the computer-forensics topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the computer-forensics topic, visit your repo's landing page and select "manage topics."