sleuthkit / scalpel
Scalpel is an open source data carving tool. It is not being actively maintained.
☆635 Updated 11 months ago
Alternatives and similar repositories for scalpel:
Users that are interested in scalpel are comparing it to the libraries listed below
- This is the development tree. Production downloads are at: ☆1,172 Updated last month
- Libewf is a library to access the Expert Witness Compression Format (EWF) ☆272 Updated 6 months ago
- Rekall Memory Forensic Framework ☆1,944 Updated 4 years ago
- Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by … ☆2,565 Updated this week
- SIFT ☆501 Updated last year
- Fuzzy hashing API and fuzzy hashing tool ☆705 Updated 3 years ago
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s… ☆2,738 Updated this week
- Super timeline all the things ☆1,792 Updated last week
- Script for automating Linux memory capture and analysis ☆269 Updated 5 years ago
- LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices… ☆1,791 Updated 4 months ago
- DFF (Digital Forensics Framework) is a Forensics Framework coming with command line and graphical interfaces. DFF can be used to investig… ☆283 Updated 5 years ago
- Python low-interaction honeyclient ☆1,003 Updated last week
- Remote forensics meta tool ☆465 Updated 9 months ago
- The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods. ☆1,016 Updated 3 years ago
- Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly re… ☆324 Updated last year
- Open Source Tripwire® ☆880 Updated last year
- The kernel patch and userspace tools to enable Linux software write blocking ☆139 Updated 4 years ago
- Volatility plugins developed and maintained by the community ☆355 Updated 3 years ago
- analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip… ☆467 Updated 5 months ago
- Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key) ☆226 Updated 8 years ago
- Yara integrated software to handle archive file data. ☆305 Updated 2 years ago
- A VBA parser and emulation engine to analyze malicious macros. ☆1,075 Updated 8 months ago
- Pulled Pork for Snort and Suricata rule management (from Google code) ☆429 Updated 3 years ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,871 Updated last month
- Web browser forensics for Google Chrome/Chromium ☆1,131 Updated this week
- Builds malware analysis Windows VMs so that you don't have to. ☆1,041 Updated 3 years ago
- Powerful Python tool to analyze PDF documents ☆1,344 Updated 6 months ago
- Digital Forensics Virtual File System (dfVFS) ☆207 Updated 2 months ago
- AVML - Acquire Volatile Memory for Linux ☆917 Updated this week
- Simple Bash IOC Scanner ☆722 Updated 3 years ago