Search Results for "digital forensics"
Sort By:
Showing 29 open source projects for "digital forensics"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
Autopsy
Autopsy® is a digital forensics platform and graphical interface
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. Autopsy was designed to be intuitive out of the box. -
2
Digital Forensics Guide
Learn all about Digital Forensics and Computer Forensics
The Digital Forensics Guide repository is a comprehensive, structured reference for investigators, analysts, students, and cybersecurity professionals interested in digital forensics principles, tools, methodologies, and workflows. It organizes foundational topics such as evidence acquisition, disk and memory analysis, file system structures, network forensics, artifact extraction, timeline generation, and reporting into digestible modules that help build core competency. ... -
3
Volatility
An advanced memory forensics framework
...It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows. -
4
Social-Analyzer
API, CLI, and Web App for analyzing and finding a person's profile
...The project includes modular detection and analysis components that users can enable depending on their investigative needs. It is commonly used in cybersecurity, digital forensics, and reconnaissance workflows where identity correlation is required. Social Analyzer emphasizes flexibility, allowing integration into automated pipelines or manual investigations. Overall, the project functions as a powerful reconnaissance engine for mapping online identities at scale. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Sherloq
An open source digital image forensic toolset
Sherloq is a research-oriented toolkit designed for digital image forensics, providing an integrated environment to experiment with algorithms for image analysis and tampering detection. Rather than functioning as an automated decision-making system, it serves as a companion tool for researchers, enthusiasts, and students who want to explore forensic techniques from scientific literature and workshops. -
6
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. DiE supports a large variety of file formats — from common executables (Windows PE, Linux ELF, macOS Mach-O) to archives, mobile packages (APK, IPA), legacy binaries, compressed or packed files, and more — making it a versatile first step in analysis or triage workflows. ... -
7
HackerRepo.org
Collection of cybersecurity-related references, scripts, tools, code
HackerRepo is a massive curated repository that aggregates thousands of cybersecurity, ethical hacking, and digital forensics resources into a single structured knowledge base. The project is designed as a companion learning hub for security professionals, penetration testers, and researchers who want organized access to tools, references, and training material. It spans both offensive and defensive security topics, including exploit development, threat hunting, reverse engineering, AI security, and bug bounty methodologies. ... -
8
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
-
9
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
10
Stegcore
A cross-platform crypto-steganography toolkit
...Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants. -
11
Linux Engineer Toolkit Live
Portable Linux engineer toolkit for recovery, repair & data rescue
Linux Engineer Toolkit (LengToolkit) Live is a specialized, recovery-oriented Linux distribution designed for system engineers and IT professionals. Operating exclusively in Live mode, it provides a robust environment to rescue failing systems, recover lost data, and manage disk infrastructures without the need for installation. -
12
WTE
Forensic Windows Triage Environment
...WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station. WTE is provided on USB and CD, allowing users to perform a quick triage in a forensic manner booting from WTE Boot or on live systems and collecting digital evidence properly prepared to judicial authority submission. ... -
13
CCTV Frame Timestamp Extractor
CCTV Footage Timestamp Search Tool
Python script to address the problem of manually locating required event timestamps from carved CCTV DVR footages. Full details can be found in the paper published in Eighteenth Annual IFIP WG 11.9 International Conference on Digital Forensics. Link to paper: https://link.springer.com/chapter/10.1007/978-3-031-10078-9_8 The project has been divided into four modules: Framextract.py- Extracts frames from video footages Reconstruct.py- Attempts to repair unplayable video by extracting the frames. framestitch.py- Attempts to construct video using frames extracted from unplayable video. ... -
14
chandrasekar Rathinam
SIEM | SOAR | Incident Response | Digital Foensics
Sharing my document like SIEM | SOAR Use Cases, Incident Response Templates, Breach Runbook, Digital Forensics Tools, Penetration testing sample reports and Infosec Policies templates to help infosec community to build the SOC | MSSP's . -
15
Digital Forensics
Covers Windows volatile memory forensics to reconstruct user activity
The project covers the digital forensics investigation of the Windows volatile memory. A plug-in for the volatility tool is implemented to extract the Windows 7 registry related information such as registry key value, name specific to the user activity from the volatile memory dump. The plug-in also provides the information about registry keys accessed by the running process from the Windows volatile memory dump. -
16
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used... -
17
Advanced Persistent Security
Advanced Persistent Threat Security
The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers, The... -
18
NetworkMiner packet analyzer
The Network Forensics Tool
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic. New versions of NetworkMiner are released exclusively on www.netresec.com since version 2.0 of NetworkMiner. This page on SourceForge is only kept to provide hosting of older versions of the software. To get the latest version of... -
19
-
20
Mandragora Linux
A hardened Linux desktop for use in DFIR and Vulnerability Assessments
Mandragora Linux - A hardened Linux desktop for use in Digital Forensics-Incident Response (DFIR) and Vulnerability Assessments. Mandragora leverages AppArmor security profiles and auditing, LXC Container Sandboxing (Arkose) and Tor and I2P for enhanced privacy. Mandragora is built upon Ubuntu 12.04 LTS and uses the GNOME3 Classic desktop environment. -
21
KareFa Linux
K(C)omputer Advance REsponse toolkit and Forensics Analys
KareFa Linux adalah merupakan distribusi GNU/Linux berbasis Ubuntu 10.4.4 LTS, yang disesuaikan dengan kebutuhan penggunaan komputer untuk masyarakat indonesia dengan tambahan applikasi Digital Forensics dari Backtrack dan DEFTLinux. KareFa Linux di release pertama ini menggunakan Kernel bawaan dari ubuntu 10.4.4 LTS yaitu kernel 2.6.32-26-generic dengan file image berukuran 3.6 GB. -
22
NetKitty
NetKitty is a GUI for Netcat
...The listener is first used to “listen” and wait for an incoming connection. Once listening, the sender can be used on another computer to send a file to the computer that is running the listener. NetKitty can be very beneficial to the digital forensics community, as it allows the easy transfer of files or images which can then be forensically examined. -
23
Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) - Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).
-
24
-
25
mac-robber is a digital forensics and incident response tool that can be used with The Sleuth Kit to create a timeline of file activity for mounted file systems.
