A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and reactions from a Microsoft Teams IndexedDB LevelDB database.
☆117Jan 19, 2026Updated last month
Alternatives and similar repositories for forensicsim
Users that are interested in forensicsim are comparing it to the libraries listed below
Sorting:
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆229Jan 6, 2026Updated 2 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- USN Journal full path builder☆66Sep 16, 2024Updated last year
- Parser fo macOS/iOS FSEvents Logs☆43May 6, 2024Updated last year
- Autopsy Module to analyze Registry Hives☆16Feb 18, 2022Updated 4 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆33Nov 16, 2023Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆64Dec 18, 2024Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆168Dec 7, 2025Updated 2 months ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Forensics triage tool relying on Volatility and Foremost☆25Dec 3, 2023Updated 2 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 3 years ago
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated 3 weeks ago
- ☆35Aug 4, 2018Updated 7 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- ☆215Dec 2, 2025Updated 3 months ago
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- Work in Progress repo☆16Apr 18, 2019Updated 6 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- ☆62Oct 12, 2024Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆253Oct 29, 2025Updated 4 months ago
- ☆24Mar 12, 2025Updated 11 months ago
- Multicore EVTX to Elasticsearch ingestor for incident responders.☆14May 12, 2021Updated 4 years ago
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…☆14Jun 21, 2024Updated last year
- Takajō (鷹匠) is a Hayabusa results analyzer.☆151Feb 23, 2026Updated last week
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆87Dec 20, 2024Updated last year
- An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.☆28Feb 21, 2026Updated last week
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆25Mar 25, 2021Updated 4 years ago
- Linux Baseline and Forensic Triage Tool - BETA☆57Sep 8, 2022Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Feb 21, 2026Updated last week
- A list of Autopsy awesome plugins.☆77Jan 20, 2022Updated 4 years ago
- Tool to perform lateral movement between AAD joined devices☆65Jun 8, 2022Updated 3 years ago
- A cross platform parser for Apple UnifiedLogs!☆331Feb 15, 2026Updated 2 weeks ago