MacOS forensic acquisition made simple
Updated Apr 13, 2025 - Python
A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
A tool for fetching DFIR and other GitHub tools.
Vault of Windows Registry forensic artifacts
Cryptocurrency Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications!
Casting light on shadow cloud deployments. Detect exposure of resources deployed in AWS.
Automated triage tool for different types of artifact collections.
The only open-source Python tkinter-based tool that performs anomaly detection, attack detection, and digital forensic analysis on local networks. Catches Turkey-focused threats with its customizable signature database!
A deployment and testing platform for Velociraptor's client artifacts
Convert Kape Files to DFIR-ORC configurations
OpenRelik ertools worker
A forensic command-line tool for deep analyzing PDF files
bfcpf stands for "Brute Force CPF" and it is a CLI tool that breaks a partial CPF, finding all valid ones within the pattern given by the user.
Hey! This is a comprehensive guide for crisis/incident management of the DFIR process. Refer to the README.md file for a sequential flow of content.
OpenSource DFIR Tool through Digging Deeper ....
This repository contains a collection of PowerShell scripts and commands designed to assist cybersecurity professionals in conducting log-based threat hunting, digital forensic investigations, and proactive security monitoring within Windows environments.
A collection of open-source tools and scripts for data recovery using Python, Bash, and more. It includes examples for recovering lost files, disk analysis, and automating recovery processes.
Wuodan is a command-line tool designed for efficiently searching through files and directories for strings or regular expressions