⭐️ A curated list of awesome forensic analysis tools and resources

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

A list of free and open forensics analysis tools and other resources

:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

Complete Solution for VAPT/AppSec and Pentesting Guide: Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting | SAST | DAST etc...

Collaborative Incident Response platform

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

WhatsApp Parser Toolset v1.59

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Avilla Forensics FREE

Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.

WinDBG Anti-RootKit Extension

Awesome list of digital forensic tools

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

CLI tools for forensic investigation of Windows artifacts

A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.

A collection of tools for forensic analysis

Forensic toolkit for iOS sysdiagnose feature

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Python script to decode common encoded PowerShell scripts

Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.

Google Chrome forensic tool to process, analyze and visualize browsing artifacts

Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform for seamless OSINT investigations.

Strumenti di Acquisizione e Analisi di copie Forensi

CLI utility and Python module for analyzing log files and other data.

Wireshark-like forensic analysis for Model Context Protocol communications Capture, inspect, and investigate all HTTP requests and responses between your IDE and MCP servers

A tool for in-depth analysis of container checkpoints

Script to remove homoglyphs and zero-width characters to allow for safe distribution of documents from anonymous sources.

Rip Raw is a small tool to analyse the memory of compromised Linux systems.

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/