Tools for DFIR
☆120Jan 25, 2018Updated 8 years ago
Alternatives and similar repositories for ForensicsTools
Users that are interested in ForensicsTools are comparing it to the libraries listed below
Sorting:
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Kaspersky's GReAT KLara☆732Jul 24, 2024Updated last year
- Golang Parser for Microsoft Event Logs☆105Nov 7, 2025Updated 3 months ago
- Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment☆14Jan 7, 2026Updated last month
- ☆17Sep 15, 2017Updated 8 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆119Nov 6, 2020Updated 5 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Jul 17, 2020Updated 5 years ago
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- An NTFS/FAT parser for digital forensics & incident response☆217Oct 31, 2025Updated 4 months ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Automated Memory Forensic☆34Jul 18, 2018Updated 7 years ago
- Yet another registry parser☆138Apr 15, 2022Updated 3 years ago
- Various snippets created during malware analysis☆22Apr 29, 2018Updated 7 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- A sort of a toolkit to decrypt Dropbox Windows DBX files☆31Apr 30, 2017Updated 8 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago
- Scripts and code referenced in CrowdStrike blog posts☆337Nov 13, 2019Updated 6 years ago
- Tools for AWS forensics☆65Mar 4, 2016Updated 9 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆14Dec 27, 2025Updated 2 months ago
- Work in Progress repo☆15Apr 18, 2019Updated 6 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- 1-Click push forensics evidence to the cloud☆144Sep 23, 2025Updated 5 months ago
- Collection of SQL query templates for digital forensics use by platform and application.☆112Apr 17, 2021Updated 4 years ago
- A better strings utility!☆150Feb 8, 2026Updated 2 weeks ago
- A pcap capture analysis helper☆25Aug 30, 2023Updated 2 years ago
- Blazescan is a linux webserver malware scanning and incident response tool, with built in support for cPanel servers, but will run on any…☆60Nov 10, 2018Updated 7 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- Web interface for the Volatility Memory Forensics Framework☆260Nov 21, 2017Updated 8 years ago
- Published Articles of the Past (trying to be as complete as possible)☆15Jan 20, 2021Updated 5 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆25Mar 25, 2021Updated 4 years ago