1-Click push forensics evidence to the cloud
☆144Mar 16, 2026Updated this week
Alternatives and similar repositories for GiftStick
Users that are interested in GiftStick are comparing it to the libraries listed below
Sorting:
- Automation and Scaling of Digital Forensics Tools☆787Updated this week
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- A framework for orchestrating forensic collection, processing and data export☆345Updated this week
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Python library to carry out DFIR analysis on the Cloud☆502Mar 2, 2026Updated 2 weeks ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆23Oct 31, 2018Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Mar 16, 2018Updated 8 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Tools to assist in forensicating docker☆86Mar 5, 2025Updated last year
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆210Oct 19, 2020Updated 5 years ago
- Binary commandline executable to parse ETL files☆69Jun 7, 2018Updated 7 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.☆39Apr 11, 2020Updated 5 years ago
- Public Profile Repository for Rekall Memory Forensic.☆101Oct 20, 2020Updated 5 years ago
- Tools for DFIR☆121Jan 25, 2018Updated 8 years ago
- ☆21Feb 10, 2021Updated 5 years ago
- Shim database persistence (Fin7 TTP)☆37Feb 25, 2020Updated 6 years ago
- macOS (& ios) Artifact Parsing Tool☆1,015Mar 8, 2026Updated last week
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- Automated Memory Forensic☆34Jul 18, 2018Updated 7 years ago
- Digital Forensics Artifacts Knowledge Base☆90Dec 23, 2025Updated 2 months ago
- Digital Forensics artifact repository☆1,213Feb 11, 2026Updated last month
- A modern Python-3-based alternative to RegRipper☆208Mar 31, 2025Updated 11 months ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Super timeline all the things☆2,034Feb 10, 2026Updated last month
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Deploy Kolide's Fleet into AWS using Terraform.☆15Apr 18, 2018Updated 7 years ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- Rekall Memory Forensic Framework☆1,999Oct 18, 2020Updated 5 years ago
- An agent that performs user actions on a workstation☆13Jan 22, 2018Updated 8 years ago
- ☆24Mar 12, 2025Updated last year
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach.☆15Jun 23, 2017Updated 8 years ago
- A Terraform module for GRR: the distributed incident forensics and response framework☆52May 6, 2020Updated 5 years ago
- Yet another registry parser☆137Apr 15, 2022Updated 3 years ago