"topic:sleuthkit" — Search

24 results for “topic:sleuthkit”

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

C++3.0k679Updated 15 hours ago

forensicsincident-responsentfssleuthkittct

sumeshi/ntfsfind

An efficient tool for search files, directories, and alternate data streams directly from NTFS image files.

Python282Updated 1 week ago

dfire01forensicsmftntfspythonrawsleuthkitvhdvhdxvmdk

sumeshi/ntfsdump

An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.

Python225Updated 1 week ago

dfire01forensicsntfspythonrawsleuthkitvhdvhdxvmdk

shujianyang/btrForensics

Forensic Analysis Tool for Btrfs File System.

C++201Updated 7 years ago

btrfsforensic-analysissleuthkit

wv8672/digital-forensics-labs

A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.

148Updated 5 years ago

analysisencase-forensicforensicsftksleuthkitvolatility

nov3mb3r/dfir

Collection of popular DFIR tools in a lightweight and fast docker image

Dockerfile111Updated 6 years ago

disk-analysisdockerforensicsmemory-analysisregistry-analysissleuthkitvolatility

nannib/NBTEMPOW

NBTempoW V. 2.1 is a forensic tool for making timelines from block devices image files (raw, ewf,physicaldrive, etc.). It uses TSK (The Sleuthkit) and it has been developed with Lazarus V. 1.6.2 ( Delphi compatible cross-platform IDE for Rapid Application Development). It runs only in Windows. If the device image file is splitted, you can select just the first chunk.

Pascal75Updated 8 years ago

forensic-analysisforensicslazarussleuthkitthetimelinetskwindows

franckferman/DataDetective

🕵️‍♂️ Unlock the story hidden in data - Your digital investigation partner. TheSleuthKit (TSK) Python Wrapper.

Python50Updated 1 year ago

analysisdfirdfir-automationdisk-forensicsdisk-imageewfforensicforensic-softwareforensicsimage-forensicimage-forensicspythonpython-securitypython-wrapperpython3regrippersleuthkitthesleuthkittskwrapper

Sim4n6/Slack_handler

Python tool to extract File slacks from disk images.

Python40Updated 4 years ago

digital-forensicsdisk-imagesextractsleuthkit

Deepak710/python-sleuthkit-recover

Linux command line thumbstick file recovery script using SleuthKit

Python41Updated 6 years ago

linuxpythonpython-3python3sleuthkit

HyperHamster/sleuthkit-recoverdir

A Bash script that utilizes The Sleuth Kit to recover directories in their entirety

Shell31Updated 8 years ago

bash-scriptcommand-linecommand-line-tooldata-recoverysleuthkit

turulomio/recovermypartition

Recover normal and deleted files from a partition

Python30Updated 7 years ago

recover-filessleuthkit

tanner-g/iKnowdeDiscovery

Forensic Inode Analysis

Python30Updated 7 years ago

forensics-investigationsinodesleuthkit

gigachad80/Autopsy-Dark-Mode

Use Autopsy Tool in Dark Mode

Java10Updated 4 months ago

autopsyautopsy-darkautopsy-dark-modeautopsy-dark-themeautopsy-guiautopsyplugindark-modedark-themedfirdigital-forensicsflatlafmvnnbmnetbeans-projectsleuthkit

usrtem/Digital-Forensics-Labwork

A collection of digital forensics lab reports covering Linux artifact recovery, shell history analysis, bash script forensics, and incident reconstruction using tools like SleuthKit, Auditd, and command-line utilities.

10Updated 9 months ago

auditdbash-artifactscrondigital-forensicse3forensic-analysisftk-imagerincident-responselinux-forensicsmactimemobile-forensicsshell-historysleuthkitsteganalysistimeline-analysis

alok-kumar8765/Data_Recovery_Using_Python

Open-source forensic imaging & file-carving suite that recovers 40+ formats (JPEG, PNG, PDF, DOCX, MP4, ZIP, WAV, etc.) from raw disks, USB sticks, SD cards or disk-images. Creates bit-for-bit copies, SHA-256/MD5/SHA-1 triple hashes, logs chain-of-custody, exports deleted entries via The Sleuth Kit and performs multi-threaded signature-based .

Python10Updated 2 months ago

chain-of-custodycybersecuritydata-recoverydata-sciencedfirdigital-forensicsdisk-imagingfilecarvingforensicsopen-sourcephoto-recpythonrecovery-toolsd-card-recoverysleuthkitusb-recovery

erfanghorbanee/DigitalForensics-UNIGE

Solutions to some assignments of the Digital Forensics course that I took during my master's degree at UNIGE (University of Genova).

10Updated 1 year ago

filesystemforensicssleuthkittestdisk

tgmars/flshell

An interactive shell for The Sleuth Kit's fls tool.

Go10Updated 6 years ago

dfirdisk-imageforensicsicatinteractiveistatshellsleuthkittsk

labcif/autopsy-packagerArchived

Automatic Github Workflows packager for autopsy

Shell13Updated 2 years ago

archlinuxautomationautopsydebiandebian-packagesforensicsgithub-workflowspackagerpackagingsleuthkit

ngvuthdanhh/certificate-intro-to-dfir-divide-and-conquer-sleuthkitlabs

Certificate repository for the "Intro to DFIR: Divide & Conquer" course by SleuthKitLabs - containing notes, labs, operations guides, and completion certificate.

00Updated 3 months ago

cybersecuritydigital-forensicsdisk-forensicsevidence-handlingforensic-analysisgithublearningincident-responsesleuthkit

CERT-EDF/fossil

A post-mortem analysis tool for raw disk/partition images

Python01Updated 4 months ago

cli-appdfirdfir-automationpost-mortemsleuthkit

arazazi/unfold

🕵️ An AI-powered forensic orchestration engine for automated disk and memory analysis. Bridges the gap between raw data and actionable intelligence using LLMs (DeepSeek/OpenRouter).

HTML00Updated 1 month ago

ai-forensicscybersecuritydfirdigital-forensicsdigital-forensics-and-incident-responseforensicsincident-responsemalware-analysispythonpython3sleuthkitvolatility3

sequence-sh/TSKConnector

This repository is a mirror of https://gitlab.com/sequence/connectors/tsk

C#00Updated 3 years ago

automationautopsyediscoveryedrmforensicsorchestrationsequencesleuthkittsk

Komuda146/Forensics-Tools

Provide a curated set of digital forensics and incident response tools for Linux, MacOS, memory, and mobile investigations.

00Updated just now

binary-analysiscomputer-forensicsdfirdigital-forensicsforensic-analysisforensicsfreeimage-analysisincident-responsemacosmetadametadatanetworkopen-sourceosintpythonsleuthkittct