Search Results for "forensic"
Sort By:
Showing 79 open source projects for "forensic"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhereโacross AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. ... -
2
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
...Because live collection can alter system state, Live-Forensicator includes options to limit intrusive actions and to capture hashes, timestamps, and provenance metadata to aid later validation. The output bundles are often compatible with other forensic parsers and workflows, which helps teams move from initial triage to deep-dive forensic analysis without re-running collection tasks. -
3
Sherloq
An open source digital image forensic toolset
Sherloq is a research-oriented toolkit designed for digital image forensics, providing an integrated environment to experiment with algorithms for image analysis and tampering detection. Rather than functioning as an automated decision-making system, it serves as a companion tool for researchers, enthusiasts, and students who want to explore forensic techniques from scientific literature and workshops. The project emphasizes transparency and community collaboration, contrasting with proprietary forensic tools that often rely on secrecy. Initially developed in C++ in 2015 and later transitioned to a Qt-based GUI in 2017, Sherloq has since been ported to Python with PySide2, Matplotlib, and OpenCV to improve accessibility and ease of development. ... -
4
Plaso
Super timeline all the things
Plaso (Plaso Langar Aรฐ Safna รllu), or "super timeline all the things," is a Python-based engine designed for automatic creation of timelines in digital forensic investigations. It processes various log files and artifacts to generate a chronological sequence of events, aiding analysts in understanding system activities.โ -
Earn up to 16% annual interest with Nexo.Generate interest, access liquidity without selling, and execute trades seamlessly. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
5
WhoDB
A lightweight next-gen data explorer
WhoDB is a lightweight audit logging extension for PostgreSQL that helps track who accessed what data and when. It uses logical decoding and hooks into PostgreSQL internals to log query metadata, user identities, and timestamps in a separate audit schema. WhoDB is useful for compliance, security monitoring, and debugging in multi-user environments. -
6
Timesketch
Collaborative forensic timeline analysis
Timesketch is a collaborative forensic timeline analysis platform used to investigate security incidents by turning diverse evidence into a single, searchable chronology. Analysts ingest logs and artifacts from many sourcesโendpoints, servers, cloud servicesโand Timesketch normalizes them into events on a unified timeline. Powerful search, aggregations, and saved views help you pivot quickly, highlight anomalies, and preserve investigative steps for later review. -
7
O-Saft
O-Saft - OWASP SSL advanced forensic tool
O-Saft is an OWASP project that offers an advanced SSL/TLS analysis tool. It provides detailed information about SSL certificates and tests SSL connections against specified cipher lists, aiding in the assessment of SSL/TLS configurations. โ -
8
HiddenVM
HiddenVM โ Use any desktop OS without leaving a trace
If at any time Tails pushes an unexpected update, and HiddenVM is not yet updated for it, and you are stuck with a new Tails and no working HiddenVM version, you can re-download and temporarily use an earlier version of Tails until HiddenVM is updated. There are archived direct HTTP download mirrors of Tails images, archived official torrents with PGP signatures, or third-party archives at linuxtracker.org or fosstorrents.com, etc. (Always verify third-party torrents with archived official... -
9
claude-code-transcripts
Tools for publishing transcripts for Claude Code sessions
...The generated HTML includes interactive navigation and can optionally be published to GitHub Gists for sharing with collaborators or embedding in other documentation. It also supports including the raw session JSON alongside the transcript for forensic or archival purposes. -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
Thanos.sh
if you are Thanos(root), this command could delete half your files
Thanos.sh is a smallโbut dangerousโtool that randomly deletes roughly half of the files on a system (hence the name). It ships as a shell script plus a PowerShell variant (Invoke-Thanos.ps1) that can target files, environment variables, registry entries, functions, aliases and certificates, and the repository warns repeatedly not to run it casually. The project includes short installation notes (for example, macOS requires gshuf from coreutils) and a README that frames the script as a โreal... -
11
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
12
Adaptive Intelligence
Adaptive Intelligence also known as "Artificial General Intelligence"
Adaptive Intelligence is the implementation of neural science, forensic psychology , behavioral science with machine-learning and artificial intelligence to provide advanced automated software platforms with the ability to adjust and thrive in dynamic environments by combining cognitive flexibility, emotional regulation, resilience, and practical problem-solving skills. -
13
Chronolabs Cooperative
Superior Chronologistics ~ Transmultiversity organisation at home+out!
The Chronolabs cooperative has been operating from Sydney and around Australia from June 2006, we have and offer both closed and open source solutions to both the website consumer (Someone who needs a website) which can be either Person, Business or Government we also offer some Scientific testing and forensic systems as well as study broader topics away from web-design, the internet that are Boarder-line in this industry and beyond. Starting as a small start-up in 2006, Chronolabs has gone from strength to strength in supporting the Open Source community, namely XOOPS (see: http://xoops.org/) which was adopted by Chronolabs as a lot of the programmers from our community of developing this period was new to languages like PHP and LAMP Stack and XOOPS being OOP CI which is used in all VS and VS.NET it was the ideal choice for in-depth analysis and learning these open control mechanism coming from a Visual Studio and Visual Studio .NET -
14
...Unique features include per-chunk authentication, single-use uniqueness markers, encrypted key vaults, forced external archive loading for safe inspection of ZIP/RAR/ISO files, universal forensic archive extraction, and steganography (LSB hiding of files inside images). Additional highlights: a serverless P2P Wormhole for local network file transfer, customizable UI themes (Dark, Light, Matrix) support@dexmond.com
-
15
Dolphin-DVR-Pro
Professional CCTV DVR data recovery software.
Many new users wish to learn more about the features of Dolphin CCTV DVR data recovery software. Users can learn this actually by using the DVR recovery trial software. Here is a proven list of Dolphin DVR features: -
16
Linux Engineer Toolkit Live
Portable Linux engineer toolkit for recovery, repair & data rescue
Linux Engineer Toolkit (LengToolkit) Live is a specialized, recovery-oriented Linux distribution designed for system engineers and IT professionals. Operating exclusively in Live mode, it provides a robust environment to rescue failing systems, recover lost data, and manage disk infrastructures without the need for installation. Website: https://nixovena.org/lengtoolkit -
17
sentinel
Sentinel is a filesystem-backed document DBMS written in Rust.
Sentinel is a filesystem-backed document DBMS built in Rust that prioritizes compliance, transparency, and auditability over raw performance. Unlike traditional databases, every document is a plain JSON file, making your data immediately forensic-friendly and Git-versionable. Perfect for regulated industries requiring GDPR, SOC 2, HIPAA, or PCI-DSS compliance. Sentinel provides async operations with automatic BLAKE3 hashing and optional Ed25519 signatures for cryptographic integrity. Data encryption supports AES-256-GCM, XChaCha20-Poly1305, and Ascon-128. Each document includes full audit metadataโcreation timestamps, version history, hashes, and signaturesโviewable with standard UNIX tools. ... -
18
WTE
Forensic Windows Triage Environment
* Files are compressed and ENCRYPTED so are identified as "Malware" by Sourceforge. Criminal Investigators auxiliary in conducting investigations on computer systems. WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station. ... -
19
MantaRay Forensics
An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets
MantaRay Forensics | An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets MantaRay is designed to automate processing forensic evidence with open source tools. Released in SIFT 3.0 in 2013, with support for numerous image formats, the tool provides a scalable framework to utilize open source and custom exploitation tools. MantaRay is developed by forensic examiners with more than 30 years of collective experience in computer forensics. Additionally, the team releases a refined VirusShare.com hash set quarterly with incremental updates between major releases. ... -
20
๐ข๐ฝ๐ฒ๐ฟ๐ฎ๐๐ถ๐๐ฒ ๐๐ถ๐๐๐ฒ๐บ / ๐๐ฒ๐ฟ๐ผ๐ฑ๐ฎ๐ ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ _ Contains advanced security within the kernel, denying use of user memory not allowing user identification / This security allows to stop ransomware attacks _ ! Remove memory / wipe user-space and kernel after system shutdown * Browse anonymously without leaving a trace / tor / privoxy > Sign all operating system and boot verification . Integrity Measurement Architecture _ Subsystem is responsible for calculating the hashes of files...
-
21
PacketStreamer
Distributed tcpdump for cloud native environments
Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis. PacketStreamer sensors are started on the target servers. Sensors capture traffic, apply filters, and then stream the traffic to a central receiver. Traffic streams may be compressed and/or encrypted using TLS. The PacketStreamer receiver accepts PacketStreamer streams from multiple remote sensors and writes the packets to a local pcap capture file. ... -
22
Chronolabs
Centroidal Plexus in Chronographics & Chronologistics
The Chronolabs cooperative has been operating from Sydney and around Australia from June 2006, we have and offer both closed and open source solutions to both the website consumer (Someone who needs a website) which can be either Person, Business or Government we also offer some Scientific testing and forensic systems as well as study broader topics away from web-design, the internet that are Boarder-line in this industry and beyond. Starting as a small start-up in 2006, Chronolabs has gone from strength to strength in supporting the Open Source community, namely XOOPS (see: http://xoops.org) which was adopted by Chronolabs as a lot of the programmers from our community of developing this period was new to languages like PHP and LAMP Stack and XOOPS being OOP CI which is used in all VS and VS.NET it was the ideal choice for in-depth analysis and learning these open control mechanism coming from a Visual Studio and Visual Studio .NET. -
23
F.H.C. live
Linux bootable LiveCD - Forensics Hard Copy
Forensic Hard Copy is a linux distribution, bootable from CD / USB (live), created exclusively to automate and speed up the identical copy of mass memories. Such copying procedures are commonly used in the field of forensic computers; it is orthodox practice in this field of information technology, to acquire data from the offending media so as to preserve them from possible alterations or damage, and then subsequently analyze the identical copy. -
24
IDABench
Old School Light Weight Network Forensic Tool
This is the fork of the SHADOW IDS produced in 2003. It has been updated to work on modern (SystemD, OpenRC) GNU suites. The original developers added the plugable architecture. It has been tweaked for TSHARK. It requires a CGI web server. It will run tcpdump 24x7x???. It will render initial analysis, and searchability. # idabench Version 1.0.1 idabench is public domain software and may be freely used and # distributed with or without modification.... -
25
Dr0p1t-Framework
A framework that create an advanced stealthy dropper
...The framework includes features such as antivirus evasion, privilege escalation, and system persistence, enabling it to maintain access on compromised systems. It also incorporates techniques to avoid forensic analysis, such as self-deletion and cleaning traces after execution. The generated executables are optimized to be small and efficient, improving their ability to bypass security controls.
