Search Results for "forensic data"
Sort By:
Showing 52 open source projects for "forensic data"
View related business solutions-
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
1
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors understand potential collection side effects. ... -
2
Plaso
Super timeline all the things
Plaso (Plaso Langar Að Safna Öllu), or "super timeline all the things," is a Python-based engine designed for automatic creation of timelines in digital forensic investigations. It processes various log files and artifacts to generate a chronological sequence of events, aiding analysts in understanding system activities. -
3
MemProcFS Analyzer
Automated Forensic Analysis of Windows Memory Dumps for DFIR
MemProcFS-Analyzer is a forensic analysis toolset that builds on the MemProcFS virtual filesystem to make volatile memory artefacts easier to browse and interpret. By exposing process memory, kernel objects, and derived artifacts as regular files, the framework lets analysts use familiar filesystem operations and standard tools (editors, grep, diff) to explore memory snapshots. The Analyzer layer adds higher-level parsing and extraction routines—for example, carving strings, locating... -
4
WhoDB
A lightweight next-gen data explorer
WhoDB is a lightweight audit logging extension for PostgreSQL that helps track who accessed what data and when. It uses logical decoding and hooks into PostgreSQL internals to log query metadata, user identities, and timestamps in a separate audit schema. WhoDB is useful for compliance, security monitoring, and debugging in multi-user environments. -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Timesketch
Collaborative forensic timeline analysis
Timesketch is a collaborative forensic timeline analysis platform used to investigate security incidents by turning diverse evidence into a single, searchable chronology. Analysts ingest logs and artifacts from many sources—endpoints, servers, cloud services—and Timesketch normalizes them into events on a unified timeline. Powerful search, aggregations, and saved views help you pivot quickly, highlight anomalies, and preserve investigative steps for later review. -
6
claude-code-transcripts
Tools for publishing transcripts for Claude Code sessions
claude-code-transcripts is a command-line utility that takes session files exported from Claude Code (in JSON or JSONL format) and turns them into clean, navigable HTML transcripts that can be viewed in any modern web browser. It is designed to make the often dense and verbose outputs from AI coding sessions easier to read, share, and archive by breaking conversations into paginated, annotated pages with navigable timelines of prompts and responses. Users can run this tool locally or fetch... -
7
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
8
recovery is a Live DVD/USB which aims troubleshooting, disk partitioning, system rescue, backup , restore data and desktop. This is a customized version of Debian Live. It contains : GParted, Clonezilla, Boot-Repair, LibreOffice and a lot of tools like ddrescue, Nwipe, TestDisk, DejaDup and many more recovery is modular in design, meaning programs can be installed simply by double clicking on module files. https://sourceforge.net/projects/recovery/files/modules/ version 2.5 - 31...
-
9
Dolphin-DVR-Pro
Professional CCTV DVR data recovery software.
Many new users wish to learn more about the features of Dolphin CCTV DVR data recovery software. Users can learn this actually by using the DVR recovery trial software. Here is a proven list of Dolphin DVR features: -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
10
Linux Engineer Toolkit Live
Portable Linux engineer toolkit for recovery, repair & data rescue
Linux Engineer Toolkit (LengToolkit) Live is a specialized, recovery-oriented Linux distribution designed for system engineers and IT professionals. Operating exclusively in Live mode, it provides a robust environment to rescue failing systems, recover lost data, and manage disk infrastructures without the need for installation. Website: https://nixovena.org/lengtoolkit -
11
Cyrethium
Cyrethium GNU/Linux Debian Based Privacy and Security Focused OS
ARCHIVAL NOTICE: Cyrethium Project This project has been long discontinued and is no longer being maintained by the developer. Please note that: Status: This distribution was officially abandoned some time ago. There are no plans for future updates, security patches, or support. Liability Disclaimer: The developer accepts no responsibility for any damages, security vulnerabilities, or data loss resulting from the use of this outdated software. Use it strictly at your own... -
12
Dexmond.com is the official website of Dexmond Technologies, dedicated to CypherNight: MAX-SEC V3, a professional-grade, multi-platform data encryption suite designed for securing, digitally signing, and managing sensitive files with uncompromising security. The core tool combines military-strength cryptography — AES-256-GCM for symmetric encryption, RSA-4096 (with OAEP padding) for asymmetric operations, Ed25519 digital signatures, and Argon2id for secure passphrase-based key derivation — to protect data against brute-force, offline, and alteration attacks. ...
-
13
q4rescue
A live linux Rescue toolkit/Emergency OS - based on q4os Trinity
A live linux system rescue toolkit based on q4os Trinity available as a bootable iso for administrating, repairing and cloning/restoring your system and data. Check wiki for full description : https://sourceforge.net/p/q4rescue/wiki/ Main tools: -Foxclone -Rescuezilla -Clonezilla -DDrescue-gui -qtfsarchiver -G4L -Apart -Testdisk -Photorec -Boot Repair -WoeUSB -Q4OS imager -UNetbootin -usbimager -Kdirstats -Kdiskmark -Rclone & Rclone... -
14
sentinel
Sentinel is a filesystem-backed document DBMS written in Rust.
Sentinel is a filesystem-backed document DBMS built in Rust that prioritizes compliance, transparency, and auditability over raw performance. Unlike traditional databases, every document is a plain JSON file, making your data immediately forensic-friendly and Git-versionable. Perfect for regulated industries requiring GDPR, SOC 2, HIPAA, or PCI-DSS compliance. Sentinel provides async operations with automatic BLAKE3 hashing and optional Ed25519 signatures for cryptographic integrity. Data encryption supports AES-256-GCM, XChaCha20-Poly1305, and Ascon-128. ... -
15
CompForTest
Computer Forensic Testing Code and Data
There seems to be a shortage of test data to verify that forensic analysis tools work as expected. This project creates such test data, along with instructions/suggestions for how to perform the tests. -
16
WTE
Forensic Windows Triage Environment
* Files are compressed and ENCRYPTED so are identified as "Malware" by Sourceforge. Criminal Investigators auxiliary in conducting investigations on computer systems. WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station. ... -
17
A patch to the GNU dd program, this version has several features intended for forensic acquisition of data. Highlights include hashing on-the-fly, split output files, pattern writing, a progress meter, and file verification. Latest base version available : https://sourceforge.net/projects/dc3dd/files/dc3dd/7.3.1/ This version works on modern versions of Linux, as well other UNIX like operating systems. Alternatively, this version for Windows : https://sourceforge.net/projects/dc3dd/files/dc3dd/7.2.646/ Grab it with Cygwin 2.5, Cygwin terminal or the bare DLLS.
-
18
RAWImaging
Graphical frontend to work with binary images (RAW) of media
...Also the program can be used as a last chance to rescue data from a dying media by software. -
19
...NFX Detective is an extensible platform that can be customized to individual requirements: Possibility to create new extraction modules for other application protocols. Extension of the system with user defined analytical methods. NFX Detective employs open data model that can be accessed or easily modified. https://github.com/nesfit/NetfoxDetective
-
20
F.H.C. live
Linux bootable LiveCD - Forensics Hard Copy
Forensic Hard Copy is a linux distribution, bootable from CD / USB (live), created exclusively to automate and speed up the identical copy of mass memories. Such copying procedures are commonly used in the field of forensic computers; it is orthodox practice in this field of information technology, to acquire data from the offending media so as to preserve them from possible alterations or damage, and then subsequently analyze the identical copy. -
21
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. -
22
CapAnalysis
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis -
23
Projects: 1. LMDQL is a tool that allows queries to multidimensional data based on interconnected XML documents, including XBRL (...) 2. Forensic LMDQL is a tool for forensic financial analysis based on OLAP query languages, for the detection of fraud in XBRL-based financial reporting (...) 3. XBRL Mobile is a tool to visualization of XBRL data on mobile devices (...) 4. XBRL Formula Webservices is a framework for flexible processing of business rules defined with XBRL Formula from the use of services (...) 5. ...
-
24
i-Map - Plot Geolocation from Images
Automatically plots latitude, longitude from images on Google maps.
...To generate a report, you can export this data into PDF or Excel file according to your requirements. -
25
DVCS-Ripper
Rip web accessible (distributed) version control systems: SVN/GIT/HG
DVCS Ripper is a security and forensics toolkit that reconstructs source code repositories accidentally exposed on web servers. It understands multiple version-control systems—Git, Mercurial, Bazaar, and Subversion—and crawls their metadata directories to rebuild full history where possible. The utilities handle partial or blocked directory listings by guessing object paths and assembling missing pieces from loose files. Investigators and red-teamers use it to demonstrate the risk of...
