An open source project that aims to replicate the Windows SIFT Machine and tools used during SANS Courses, minus any payware software.
☆25 · Oct 18, 2023 · Updated 2 years ago
Alternatives and similar repositories for forensicssetup
Users that are interested in forensicssetup are comparing it to the libraries listed below
- Windows Forensics Salt States ☆21 · Feb 23, 2026 · Updated last week
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… ☆10 · Jul 15, 2023 · Updated 2 years ago
- Rolling Timeline for Incident Recorder. ☆14 · Dec 4, 2023 · Updated 2 years ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- Notepad++ plugins - Open File In Solution (OFIS), Tortoise SVN, Solution Tools, SolutionHub and SolutionHub UI ☆15 · Jun 1, 2022 · Updated 3 years ago
- A conglomeration of resources for any color of the rainbow ☆14 · Feb 12, 2026 · Updated 3 weeks ago
- RegRipper4.0 ☆84 · Dec 10, 2025 · Updated 2 months ago
- This tool is meant to parse an NTFS $MFT file. ☆15 · Mar 26, 2024 · Updated last year
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms! ☆26 · Dec 1, 2022 · Updated 3 years ago
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… ☆16 · Apr 10, 2024 · Updated last year
- A set of "Tweaking Scripts" taken (Prior to Removal - at Author's request) from https://forums.mydigitallife.net/threads/82116 and with p… ☆11 · Feb 11, 2024 · Updated 2 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- http://moaistory.blogspot.com/2016/08/ie10analyzer.html ☆19 · Jul 20, 2024 · Updated last year
- Vault of Windows Registry forensic artifacts ☆28 · Nov 12, 2025 · Updated 3 months ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ☆41 · Updated this week
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life … ☆39 · Jan 6, 2025 · Updated last year
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 3 years ago
- A series of python scripts to extract information from SQLite Data Files ☆21 · Nov 15, 2025 · Updated 3 months ago
- Multi-quarantine extractor ☆52 · Feb 4, 2026 · Updated last month
- Attempts to reverse a given partial hash to a phone number (or email) given the area code. Written for python3. ☆20 · Oct 25, 2022 · Updated 3 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac… ☆93 · Jun 3, 2021 · Updated 4 years ago
- ☆24 · Mar 12, 2025 · Updated 11 months ago
- Decode security descriptors in $Secure on NTFS ☆22 · Feb 24, 2022 · Updated 4 years ago
- Parses USB connection artifacts from offline Registry hives ☆107 · Feb 8, 2026 · Updated 3 weeks ago
- Sharing Threat Hunting runbooks ☆25 · Jul 5, 2019 · Updated 6 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR. ☆24 · Jan 8, 2024 · Updated 2 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆107 · Nov 23, 2022 · Updated 3 years ago
- Right Click Context Menu Editor for Windows ☆29 · Feb 1, 2026 · Updated last month
- Powerful commandline $MFT record editor. ☆25 · Aug 15, 2015 · Updated 10 years ago
- IR Code Sharing for the Canadian Institutional Research and Planning Association ☆13 · May 30, 2025 · Updated 9 months ago
- Image processing course with Python ☆12 · Feb 26, 2020 · Updated 6 years ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆59 · Jun 24, 2025 · Updated 8 months ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆27 · Jan 2, 2023 · Updated 3 years ago
- USN Journal full path builder ☆65 · Sep 16, 2024 · Updated last year
- A python script to turn Ubuntu Desktop into a one stop security platform. The InfoSec Fortress installs the packages, tools, and resources t… ☆55 · Jan 3, 2022 · Updated 4 years ago
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆30 · Jan 9, 2025 · Updated last year
- PowerShell collection designed to assist in Threat Hunting Windows systems. ☆27 · Apr 13, 2018 · Updated 7 years ago
- Powering Up Incident Response with Power-Response ☆63 · Mar 5, 2020 · Updated 6 years ago
- Parser for macOS/iOS FSEvents Logs ☆43 · May 6, 2024 · Updated last year