Forensics

#password-cracker#pdf-password-cracking#dictionary-attack

pdfripRust

A multithreaded PDF password cracking utility with structured search builders, checkpoint/resume, and optimized performance.

Stars1.4k

Forks138

#qt#file-analysis#shaders

VelesC++

Binary data analysis and visualization tool that converts raw bytes into interactive visual patterns for rapid insight.

Stars1.2k

Forks120

Last commit7 years ago

USBRipPython

A command-line forensics tool for tracking USB device connection history on GNU/Linux systems.

#digital-forensics#command-line-tool#usb-events

Stars1.2k

Forks113

Last commit3 years ago

macOS Artifact Parsing Tool (mac_apt)Python

A Python-based DFIR framework for extracting forensic artifacts from macOS and iOS disk images or live systems.

#apfs-parser#digital-forensics#macos-forensics

Stars1.0k

Forks125

Last commit16 days ago

haitiRuby

A CLI tool and library to identify hash types, supporting 675+ hash formats with hashcat and John the Ripper references.

#identify#hash#ctf-tools

Stars983

Forks59

Last commit3 days ago

BitCrackerC

An open-source GPU-accelerated password cracking tool for BitLocker-encrypted storage devices using dictionary attacks.

#cuda#hash#storage-security

Stars962

Forks207

PowerShellArsenalPowerShell

A PowerShell module for reverse engineering that disassembles code, analyzes malware, parses memory structures, and inspects Windows internals.

#disassembly#pe-parsing#dotnet-analysis

A standalone Python tool for applying SIGMA detection rules to EVTX, Auditd, Sysmon for Linux, and other log formats.

#sigma-rules#security#python3

Stars822

Forks114

Last commit6 days ago

FenrirShell

A lightweight Bash script for scanning Linux/Unix/OSX systems for Indicators of Compromise (IOCs) without installation.

#unix#malware-detection#bash-script

Stars776

Forks114

Last commit4 years ago

Laika BOSSPython

A scalable, modular object scanner and intrusion detection system that extracts, flags, and enriches files with metadata.

#file-analysis#metadata-extraction#python

Stars749

Forks161

#evtx-analysis#digital-forensics#digitalforensics

Awesome Event IDs

A curated collection of Event ID resources for digital forensics and incident response professionals.

Stars656

Forks89

#ctf-tools#penetration-testing#steganography

StegCrackerPython

A steganography brute-force utility that uncovers hidden data inside files by trying passwords from a wordlist.

Stars595

Forks106

Last commit5 years ago

docker-explorerPython

A forensic tool for exploring offline Docker container filesystems and metadata from disk images.

#digital-forensics#python-tool#container-security

Stars554

Forks45

#digital-forensics#python-tool#container-security

docker-explorerPython

A forensic tool for exploring offline Docker filesystems to analyze compromised containers.

Stars554

Forks45

#network-forensics#iot-security#ssh-fingerprinting

HASSHPython

A network fingerprinting standard that identifies SSH client and server implementations via MD5 hashes of algorithm sets.

Stars550

Forks75

#digital-forensics#ticket-system#soar

CatalystVue

A self-hosted incident response platform that automates alert handling and ticket management for security teams.

Stars530

Forks69

Last commit3 days ago

MalConfScanPython

A Volatility plugin that extracts configuration data and decoded strings from known malware families in memory images.

#digital-forensics#memory#security

Stars496

Forks69

#windows-security#live-data-acquisition#security-automation

PSReconPowerShell

A PowerShell script for live forensic data acquisition and endpoint lockdown during Windows incident response.

Stars493

Forks105

Last commit8 years ago

ir-rescueBatchfile

A Windows Batch and Unix Bash script suite for comprehensive host forensic data collection during incident response.

#batch-script#digital-forensics#sysinternals

Stars488

Forks92

Last commit5 years ago

pigC

A Linux packet crafting tool for generating attack signatures to test IDS/IPS and network security.

#ethernet-frames#attack-signatures#arp-spoofing

Stars476

Forks41

Last commit5 years ago

PyewPython

A command-line Python tool for malware analysis with hex viewing, disassembly, file format support, and plugin architecture.

#python-tool#disassembly#command-line-tool

Stars394

Forks94

Last commit6 years ago

inVtero.netC#

A high-speed memory forensics tool for analyzing physical memory dumps to find/extract processes and hypervisors using virtual machine introspection.

#digital-forensics#integrity-assurance#secure-hash

Stars296

Forks52

File Scanning FrameworkPython

A modular, recursive file scanning framework that extends Yara signatures to extract and analyze file objects for malware analysis and intelligence.

#file-analysis#security-automation#file-scanning

A curated list of tools and resources for understanding, detecting, and removing malware persistence techniques across operating systems.

#malware-detection#red-teaming#awesome-list

Stars292

Forks20

#container-security#kubernetes#crd-operator

kube-forensicsGo

A Kubernetes operator that creates checkpoint snapshots of running pods for offline forensic analysis after security incidents.

Stars232

Forks29

#siem#vulnerability-management#nist-compliance

LogESPPython

An open-source SIEM system built with Python Django for log management, risk assessment, and asset tracking.

Stars219

Forks69

#apache#web-security#security-analysis

LorgHTML

An advanced Apache logfile security analyzer for post-attack forensics, detecting web application attacks using multiple detection techniques.

Stars214

Forks47

Last commit7 years ago

EVTXtractPython

Recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

#digital-forensics#data-recovery#python

Stars211

Forks24

#windows-security#malware-detection#macos-security

Malware Persistence

A curated collection of information and tools for detecting, analyzing, and hunting malware persistence mechanisms across operating systems.

Stars188

Forks16

#hacktoberfest#macosx#malware-detection

SpyreGo

A simple, self-contained modular host-based IOC scanner built around the YARA pattern matching engine.

Stars179

Forks31

#syslog-parser#json-export#python-library

LogdissectPython

A CLI utility and Python library for parsing, filtering, and analyzing log files and other structured data.

Stars160

Forks23

#syslog-parser#json-export#python-library

LogdissectPython

A CLI utility and Python library for parsing, filtering, and analyzing log files and other structured data.

Stars160

Forks23

#container-security#honeypot#ssh-honeypot

DockerpotShell

A Docker-based honeypot that creates disposable containers to capture and analyze attack attempts.

Stars151

Forks16

Last commit11 years ago

Invoke-LiveResponsePowerShell

A PowerShell-based live response and forensic collection tool for targeted incident response on Windows systems.

#forensic-collection#digital-forensics#liveresponse

Stars150

Forks28

Last commit4 years ago

Awesome CTF Cheatsheet

A curated collection of tips, commands, and strategies for solving Capture the Flag (CTF) challenges and HackTheBox machines.

#hacking-tools#web-security#ctf-challenges

Stars134

Forks12