Digging Deeper....
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
A list of free and open forensics analysis tools and other resources
Tools OSINT MOBILE
A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)
Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
Imago is a python tool that extract digital evidences from images.
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely u…
Strumenti di Acquisizione e Analisi di copie Forensi
Windows Forensics Environment Builder
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.
Python programs & tools built in the Ethical Hacking with Python EBook
Enhanced version of dd for forensics and security
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
Digital Forensics with Kali Linux, published by Packt
Hardware arduino based mouse emulator, preventing screen saver locking (eg. during forensic investigation)
Linux Incident Response Reporting
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Flash-IDS is an open-source system developed by the DART Laboratory for advanced intrusion detection using provenance graph representation learning. It implements the techniques presented in our IEEE S&P 2024 paper, "FLASH: A Comprehensive Approach to Intrusion Detection via Provenance Graph Representation Learning.
Add a description, image, and links to the forensics-investigations topic page so that developers can more easily learn about it.
To associate your repository with the forensics-investigations topic, visit your repo's landing page and select "manage topics."