Gadzhovski / TRACE-Forensic-ToolkitView external linksLinks
Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
☆205Nov 12, 2025Updated 3 months ago
Alternatives and similar repositories for TRACE-Forensic-Toolkit
Users that are interested in TRACE-Forensic-Toolkit are comparing it to the libraries listed below
Sorting:
- Automatic, fast parsing of browser artifacts☆17Jan 4, 2025Updated last year
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆19May 9, 2025Updated 9 months ago
- Extract files from Apple devices on Windows, Linux and MacOS. Mostly a wrapper for pymobiledevice3. Creates iTunes-style backups and "adv…☆425Feb 9, 2026Updated last week
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated last week
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 6 months ago
- Penguin OS Forensic (or Flight) Recorder☆40Dec 25, 2024Updated last year
- macOS forensic acquisition made simple☆213Updated this week
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Script to process PDF files☆21May 23, 2025Updated 8 months ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 3 months ago
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 3 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Windows Forensics Environment Builder☆179Dec 5, 2025Updated 2 months ago
- Windows Forensics Salt States☆21Updated this week
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆78Oct 20, 2025Updated 3 months ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- CLI tools for forensic investigation of Windows artifacts☆349Jul 21, 2025Updated 6 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆694Oct 22, 2025Updated 3 months ago
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys.☆51Jan 26, 2025Updated last year
- /ˈhäjˌpäj/ "a confused mixture."☆13Updated this week
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 7 months ago
- A script to convert a Cellebrite UFDR to the original file structure.☆73Mar 21, 2022Updated 3 years ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- Hardened your Windows OS against forensics analysis☆23Nov 27, 2024Updated last year
- Browser Reviewer is a portable forensic tool for analyzing user activity in Firefox and Chrome-based browsers. It extracts and displays b…☆55Oct 10, 2025Updated 4 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆645Nov 7, 2025Updated 3 months ago
- $MFT directory tree reconstruction & FILE record info☆325Oct 7, 2024Updated last year
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- Automatically create iSCSI targets for all drives except for a boot device☆25May 23, 2025Updated 8 months ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Forensic Artifact Collection Tool for macOS☆118Jul 28, 2025Updated 6 months ago
- ☆25Jul 23, 2024Updated last year
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆110Feb 6, 2026Updated last week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆342Dec 3, 2025Updated 2 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆117Nov 28, 2023Updated 2 years ago
- Forensic Imaging quickstarts!☆13Aug 12, 2022Updated 3 years ago