Showing 27 open source projects for "data forensics"

  • 1
    GRR

    GRR Rapid Response, remote live forensics for incident response

    GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a Python client (agent) that is installed on target systems, and Python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. The GRR client is deployed on systems that one might want to investigate.
    Downloads: 6 This Week
  • 2
    Digital Forensics Guide

    Learn all about Digital Forensics and Computer Forensics

    The Digital Forensics Guide repository is a comprehensive, structured reference for investigators, analysts, students, and cybersecurity professionals interested in digital forensics principles, tools, methodologies, and workflows. It organizes foundational topics such as evidence acquisition, disk and memory analysis, file system structures, network forensics, artifact extraction, timeline generation, and reporting into digestible modules that help build core competency. ...
    Downloads: 0 This Week
  • 3
    Radare2

    UNIX-like reverse engineering framework and command-line toolset

    ...Analyze and emulate code with ESIL. Native debugger and GDB, WINDBG, QNX, and FRIDA. Navigate ASCII-art control flow graphs. Ability to patch binaries, and modify code or data. Search for patterns, magic headers, and function signatures. Easy to extend and modify. Commandline, C API, script with r2pipe in any language.
    Downloads: 41 This Week
  • 4

    X-Ways Forensics X-Tension API

    Code and binaries for creating plugins for X-Ways Forensics

    ...While Python is mostly an interpreted language, and as such can have performance issues, its libraries contain optimized, native code that can make mass operations efficient. While C/C++ burdens the programmer with keeping track of what data needs to be released when, both Python and C# handle this task for the programmer. Links: X-Ways Forensics product site: https://www.x-ways.net/forensics/index-m.html X-Ways Forensics API reference: https://www.x-ways.net/forensics/x-tensions/api.html C++ sample project:
    Downloads: 7 This Week
  • 5
    Live-Forensicator

    A suite of Tools to aid Incidence Response and Live Forensics

    Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors...
    Downloads: 2 This Week
  • 6
    key-elf

    Forensic tool to recover lost BTC private keys.

    A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage. The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:...
    Downloads: 55 This Week
  • 7
    Linux Engineer Toolkit Live

    Portable Linux engineer toolkit for recovery, repair & data rescue

    Linux Engineer Toolkit (LengToolkit) Live is a specialized, recovery-oriented Linux distribution designed for system engineers and IT professionals. Operating exclusively in Live mode, it provides a robust environment to rescue failing systems, recover lost data, and manage disk infrastructures without the need for installation.
    Downloads: 21 This Week
  • 8
    WTE

    Forensic Windows Triage Environment

    ...WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station. WTE is provided on USB and CD, allowing users to perform a quick triage in a forensic manner booting from WTE Boot or on live systems and collecting digital evidence properly prepared to judicial authority submission. ...
    Downloads: 15 This Week
  • 9

    Chmod OS 64

    The concept here is to have a NON POSIX Filesystem ...

    Downloads: 3 This Week
  • 10
    Jack LIRE (Linked Record)

    Quantum universal object system with referencing and genetics

    Jack LIRE (Linked Record) is a quantum database-backed life-long text record diary with referencing (linking) between records, and a data library for life-long keeping of files such as documents, photographs, music and more. The diary records are fully searchable. Files can be mentioned in diary records to preserve memories, document knowledge and ideas, and more. Massive numbers of diary records and files can be permanently kept. A database located on one computer can be accessed from...
    Downloads: 0 This Week
  • 11
    F.H.C. live

    Linux bootable LiveCD - Forensics Hard Copy

    Forensic Hard Copy is a linux distribution, bootable from CD / USB (live), created exclusively to automate and speed up the identical copy of mass memories. Such copying procedures are commonly used in the field of forensic computers; it is orthodox practice in this field of information technology, to acquire data from the offending media so as to preserve them from possible alterations or damage, and then subsequently analyze the identical copy. The project was created to meet the...
    Downloads: 5 This Week
  • 12
    Xplico

    Xplico is a Network Forensic Analysis Tool (NFAT)

    Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico can be used as a sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used...
    Downloads: 32 This Week
  • 13
    Heliogabalus

    Heliogabalus Rescue Live Linux Distribution

    Forensics, data rescue, data backup, OS and filesystem maintenance and administration. CLI experts only.
    Downloads: 0 This Week
  • 14
    MS Word documents are one of the most commonly used file types. Therefore, extracting textual data from an MS Word document (docx file) can be achieved by decompressing the file. MS-Office Forensics is a tool that allows investigators to automatically decompress (unzip) the investigated MS Word document. Additionally, it automatically parses and analyzes the contents of the resulting XML files and subfolders. The user can extract various parts such as the document's textual data by paragraphs or by textual data blocks. ...
    Downloads: 2 This Week
  • 15
    DVCS-Ripper

    Rip web accessible (distributed) version control systems: SVN/GIT/HG

    DVCS Ripper is a security and forensics toolkit that reconstructs source code repositories accidentally exposed on web servers. It understands multiple version-control systems—Git, Mercurial, Bazaar, and Subversion—and crawls their metadata directories to rebuild full history where possible. The utilities handle partial or blocked directory listings by guessing object paths and assembling missing pieces from loose files. Investigators and red-teamers use it to demonstrate the risk of...
    Downloads: 1 This Week
  • 16
    The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.
    Downloads: 26 This Week
  • 17

    ext2 info hiding mod

    Information Hiding Modification for EXT2

    ...It's necessary to use a partition with enough adjacent free blocks (code length + holes for fragmentation) within a blockgroup, for this algorithm to work correctly. WARNING: This is experimental software and could cause crashes or data loss!
    Downloads: 0 This Week
  • 18
    HoneyDrive

    Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.

    ...It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.
    Downloads: 21 This Week
  • 19
    Skype Xtractor

    Xtractor for Skype's databases (main.db and chatsync)

    Skype Xtractor for Linux and Windows is a Python tool developed for the forensics distro DEFT Linux 8. It extracts data from Skype's main.db, including contacts, chats, calls, file transfers, and deleted/modified messages from chatsync databases. Usage: read the README file. Required: Python 2.7. Feedback and bug reporting appreciated :)
    Downloads: 3 This Week
  • 20

    examine

    Table GUI for data file forensics.

    A multi-document table interface with cells that can be formatted and colored by data slabs sampled from an input file, such as delimited, binary, or NetCDF. Plugin design allows for any type of data file to be imported and sliced as 2D slabs into the spreadsheet view. Intended for debugging array oriented data files down to the bit level. Uses wxPython.
    Downloads: 0 This Week
  • 21
    RŌNIN-LINUX

    Linux Security Distro for Data Forensics, Pen. Testing, and IR.

    RŌNIN is a linux security distribution (based on Lubuntu) that provides a platform for both training and conducting professional data forensics, penetration testing, and incident response. The primary objective of RŌNIN is to provide a fast/light linux desktop along with a curation of security tools and resources that are relevant for professionals, instructors, and students alike. In support of this objective, the RŌNIN project is guided by two main goals: * Focus on Continual Learning - The project provides a platform for continual learning by providing not only a professional tool-set but also easy access to relevant documentation, resources, and training...
    Downloads: 0 This Week
  • 22

    ESXi Forensic Imaging

    Create forensic images from vmware esxi using dd and netcat

    **This project has been moved to GitHub https://github.com/Gerodd/ESXimager ** With so many companies now moving to virtualization solutions like VMware, multiple "servers" are now stored as files (.vmdk, .vmem, etc..) on a SAN, NAS, local data store, etc... While this can make imaging a server easier, there is no tool to help a forensics investigator find the virtual machine they want to image, select the files they wish to image, and generate a hash and copy the image. This tool automates each of these steps and makes acquiring these images much easier while ensuring data integrity.
    Downloads: 0 This Week
  • 23

    Port Authority

    Gains basic data about FreeBSD ports install for forensics analysis

    Tools for finding programs installed on FreeBSD image using the ports system and cleanly outputting information like modify, access, and change times. Can also be used to find the UID of the user that most likely installed the program and attempts to use passwd file backups to put a login name to that user.
    Downloads: 0 This Week
  • 24
    The Forensics Data Identifier (FDI) is a tool which allows large data files to be easily filtered for common forensically relevant data types. The tool was intended to speed up the e-discovery and analysis processes of a forensics investigation.
    Downloads: 0 This Week
  • 25
    XML carver which can carve damaged or non-standard XML out of any file. It rebuilds the XML tree, along with giving the offsets for all the carved XML data. This tool was developed for the DFRWS 2010 Forensics Challenge.
    Downloads: 0 This Week