Forensic tool for acquisition, triage and analysis of remote block devices via iSCSI protocol.
☆44 · Oct 25, 2024 · Updated last year
Alternatives and similar repositories for SPECTR3
Users that are interested in SPECTR3 are comparing it to the libraries listed below.
- MFT and USN parser that allows direct extraction in filesystem timeline format (mactime), dump all resident files in the MFT in their ori… ☆13 · May 10, 2023 · Updated 2 years ago
- CyLR - Live Response Collection Tool ☆10 · Jul 14, 2020 · Updated 5 years ago
- A simple Python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆11 · Jun 19, 2025 · Updated 9 months ago
- Bash script for performing the logical acquisition of Apple Silicon Mac ☆17 · Jun 21, 2024 · Updated last year
- /ˈhäjˌpäj/ "a confused mixture." ☆13 · Mar 17, 2026 · Updated last week
- Python bindings for https://github.com/omerbenamram/mft ☆23 · Dec 23, 2025 · Updated 3 months ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms! ☆26 · Dec 1, 2022 · Updated 3 years ago
- L.I.A.M is an open source case management system for digital forensics labs. Law-Enforcement Investigations and Asset Management ☆13 · Jul 4, 2025 · Updated 8 months ago
- Automatically create iSCSI targets for all drives except for a boot device ☆25 · May 23, 2025 · Updated 10 months ago
- Automatic, fast parsing of browser artifacts ☆17 · Jan 4, 2025 · Updated last year
- Netwitness Maltego integration Project ☆18 · May 9, 2017 · Updated 8 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated last year
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files. ☆11 · Jun 21, 2025 · Updated 9 months ago
- Forensic Artifact Collection Tool for macOS ☆119 · Jul 28, 2025 · Updated 7 months ago
- Library to handle the files in zff format (file format to store and handle forensic acquisitions). ☆21 · Mar 9, 2026 · Updated 2 weeks ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results. ☆15 · Jul 13, 2023 · Updated 2 years ago
- A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing o… ☆12 · Apr 26, 2023 · Updated 2 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa… ☆648 · Nov 7, 2025 · Updated 4 months ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- mister-skinnylegs is an open plugin framework for parsing website/webapp artifacts in browser data. It currently provides a command line … ☆20 · Nov 14, 2025 · Updated 4 months ago
- Execute embedded Mimikatz ☆13 · Nov 24, 2021 · Updated 4 years ago
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps. ☆18 · Apr 30, 2025 · Updated 10 months ago
- A quick reference guide for Python script development in DFIR ☆17 · Mar 20, 2024 · Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions ☆53 · Dec 21, 2021 · Updated 4 years ago
- Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows ☆12 · May 23, 2025 · Updated 10 months ago
- Microsoft Office365 Protection Center Audit Log Parser ☆27 · Jul 17, 2023 · Updated 2 years ago
- VMDK Forensic Artifact Extractor (VFAE) is a Windows-based tool written in C++ that extracts files with a known location from VMDK images r… ☆17 · Aug 7, 2015 · Updated 10 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life … ☆39 · Jan 6, 2025 · Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆44 · Jul 18, 2022 · Updated 3 years ago
- Extract common Windows artifacts from source images and VSCs ☆65 · May 10, 2021 · Updated 4 years ago
- A tool for fetching DFIR and other GitHub tools. ☆26 · Aug 2, 2025 · Updated 7 months ago
- FRAC and RIFT ☆17 · Mar 16, 2019 · Updated 7 years ago
- A curated list of KAPE-related resources ☆184 · May 1, 2025 · Updated 10 months ago
- Hunt for SQLite files used by various applications ☆30 · Mar 1, 2026 · Updated 3 weeks ago
- FIT is a modular suite of Python applications for digital forensic acquisition of online contents such as web pages, emails, social media… ☆99 · Mar 6, 2026 · Updated 2 weeks ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆27 · Jan 2, 2023 · Updated 3 years ago