A quick reference guide for python script development in DFIR
☆18Mar 20, 2024Updated 2 years ago
Alternatives and similar repositories for python-forensics-handbook
Users that are interested in python-forensics-handbook are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automatic, fast parsing of browser artifacts☆17Jan 4, 2025Updated last year
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 10 months ago
- introduction to distributed scanning using vultr☆11Apr 29, 2017Updated 9 years ago
- SIEM Detection Use Case Library mapped to MITRE ATT&CK tactics and techniques☆12Oct 28, 2018Updated 7 years ago
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆18Apr 30, 2025Updated last year
- A tool for fetching DFIR and other GitHub tools.☆27Aug 2, 2025Updated 8 months ago
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios.☆14May 31, 2024Updated last year
- Script to process PDF files☆21May 23, 2025Updated 11 months ago
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 5 months ago
- This repo is all about Blue teamming and CyberDefenders Write-up for their DFIR challenges☆19Nov 5, 2023Updated 2 years ago
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.☆26Jun 24, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A guide to setting up Windows and MacOS the way I like it☆22Jun 25, 2025Updated 10 months ago
- Windows 10 Live Information viewer☆39Jan 27, 2022Updated 4 years ago
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- virustotal API-based project for checking the list of hashes against virustotal.com database☆11Feb 26, 2018Updated 8 years ago
- A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…☆55Jan 3, 2022Updated 4 years ago
- A tool to parse Firefox and Chrome HSTS databases into forensic artifacts!☆25Jan 8, 2026Updated 3 months ago
- Code for the Python Digital Forensics Cookbook☆70Nov 23, 2017Updated 8 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Some of the lab files for the SANS Institute course SEC505: Securing Windows and PowerShell Automation: https://sans.org/sec505☆18Jun 8, 2017Updated 8 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Command and Control Framework☆13Mar 23, 2024Updated 2 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆42Apr 18, 2026Updated last week
- a GUI Interface for DFIR Open Source Tools☆10Jun 16, 2015Updated 10 years ago
- macOS Artifacts☆33Mar 2, 2025Updated last year
- Offsec PWB Lab Tools☆13Nov 14, 2013Updated 12 years ago
- Some dfir stuff☆31Jan 12, 2022Updated 4 years ago
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec…☆16Jul 19, 2025Updated 9 months ago
- dcfldd - enhanced version of dd for forensics and security☆72Jun 17, 2018Updated 7 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆33Jan 1, 2020Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A simple DNS exfiltration script☆11Apr 17, 2023Updated 3 years ago
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …☆40Jan 6, 2025Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Search an entire directory of .eml email files for a word or phrase... in over 100 languages.☆12Feb 28, 2023Updated 3 years ago
- Windows.EDB Browser☆61Mar 6, 2023Updated 3 years ago
- An ocrmypdf front-end / batch job designer☆17Sep 1, 2023Updated 2 years ago
- A curated list of digital forensic tools.☆21Dec 2, 2019Updated 6 years ago