Search Results for "forensic linux"
Sort By:
Showing 51 open source projects for "forensic linux"
View related business solutions-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
Secure File Transfer for Windows with Cerberus by RedwoodCerberus supports unlimited users and connections on a single IP, with built-in encryption, 2FA, and a browser-based web client — all deployable in under 15 minutes with a 25-day free trial.
-
1
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires... -
2
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors... -
3
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
4
JakiKaliOS
JakiKaliOS V.0.01 is a LiveRAM Debian distribution based on Kali Linux
JakiKaliOS is a LiveRAM Linux distribution based on Kali Linux, designed for cybersecurity professionals, ethical hackers, forensic analysts, and laboratory environments. The system runs entirely in RAM by default, leaving no disk footprint and providing fast, clean, and temporary work sessions ideal for security testing and controlled operations. JakiKaliOS includes a lightweight XFCE desktop optimized for performance and low resource usage, suitable for virtual machines, VPS consoles, and bare metal systems. ... -
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
5
MantaRay Forensics
An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets
MantaRay Forensics | An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets MantaRay is designed to automate processing forensic evidence with open source tools. Released in SIFT 3.0 in 2013, with support for numerous image formats, the tool provides a scalable framework to utilize open source and custom exploitation tools. MantaRay is developed by forensic examiners with more than 30 years of collective experience in computer forensics. Additionally, the team releases... -
6
Tranalyzer
Tranalyzer flow generator packet analyzer moved to: tranalyzer.com
The Anteater moves to a new site, available under tranalyzer.com. This tool generates extended netflow-like flow/packet statistics from large pcap files or ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining, AI preprocessing and forensic analysis. A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction,... -
7
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits / LKMs or by another hiding technique. Note 1: Unhide-linux repo has migrated to https://github.com/YJesus/Unhide Please, report bugs or make pull requests on the new repo. Note 2: unhide-windows is no more maintained. Use tools like Gmer http://www.gmer.net/
-
8
Parrot Project
Security, Development and Privacy Defense, all in one place.
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. -
9
IDABench
Old School Light Weight Network Forensic Tool
This is the fork of the SHADOW IDS produced in 2003. It has been updated to work on modern (SystemD, OpenRC) GNU suites. The original developers added the plugable architecture. It has been tweaked for TSHARK. It requires a CGI web server. It will run tcpdump 24x7x???. It will render initial analysis, and searchability. # idabench Version 1.0.1 idabench is public domain software and may be freely used and # distributed with or without modification.... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used... -
11
CapAnalysis
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis -
12
Advanced Persistent Security
Advanced Persistent Threat Security
The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers, The... -
13
Quick Hash GUI
Linux, Windows and Apple Mac File Hashing GUI Tool
This project has moved to www.quickhash-gui.org as of 2016-12-04. I kept v2.6.9.2 and below hosted here since Dec 16 but too many people were ignoring the fact that no updates were being posted here. For the latest QuickHash v2.8.4 release (Aug 28th 2017), go to www.quickhash-gui.org, and note that as of 29/12/16 a Debian package is also available -
14
Greyhound-Ubuntu : Trident
An all purpose Distro for Pentesters
Greyhound Trident is a GNU/Linux, Ubuntu based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS. >>Based on Ubuntu 12.04.2 LTS (32bit ) user/pass : root/toor >>Kernel version 3.5.0-45 (little modified to make some of unsupported tools to work, but still will able to get Ubuntu updates ) >>2 Desktop environment : Gnome3, Docky Desktop for different test >>Final release >> Around 300 tools for all-round pentest performance User friendly, all important plugins such as video codec, audio plugins added Above all, this is Ubuntu, specially Hackers Ubuntu. ... -
15
Matriux is a GNU/Linux, Debian based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS.
-
16
ANNFiD
A forensic file identification tool using neural networks
Just carved a bunch of bytes and have no idea what they could be? Maybe ANNFiD can help. ANNFiD uses neural network to identify byte patterns. It can be trained and has a GUI to help in the process. The tool is still on a very early stage, but could improve exponentially with the help of the developer community -
17
Forensic Scripts
Forensic scripts for evidence acquisitions, analysis and more
This project contains various scripts and code snippets that can easily be deployed by an incident responder or forensic analyst to aid them in either acquiring or analyzing critical data. You can contact me at: interrupt08@users.sf.net or visit my blog, fork(), at https://forksec.wordpress.com/ -
18
BHS Debian (Hades Update)
BHS debian (testing) jessie/sid
BHS (Debian) New BHS release Based on Debian jessie/sid Kermel 3.12 KDE 4.11 Debian style and look Custom scripts!! Defcon tools!! New wifi scripts Multiarch support Top tools username: root password: BHS note: Don't forget to run the script located on the desktop to install the missing tools,because without to run it the menu will not be functional,if you not see it just download from here in the file section..sorry for the delay the upload stack for 2... -
19
HackShark Linux
Lightweight Linux distro for penetration testing
Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose. -
20
Matriux-VM
Matriux OS - Virtual Machine
Matriux is a GNU/Linux, Debian based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS. It's Matriux VM, for ISO, please visit https://sourceforge.net/projects/matriux/ -
21
Py Forensic
Análisis forénsico, entorno unificado y extracción de datos
Plataforma de recolección de información que se desarrolla mediante la programación de pequeños módulos independientes. Dichos scripts llevan a cabo las tareas forénsicas que habitualmente reservamos a otras aplicaciones. La instalación en Windows es muy sencilla (ver instrucciones en la descarga). En otras plataformas (Mac y GNU/Linux) se complica. -
22
Androick
Forensic analysis helper tool for android
Project now on Github : https://github.com/Flo354/Androick -
23
WTMParse
Python script to parse Unix-like WTMP files
Python script that was originally intended for use in forensic examinations that parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing login terminal, username, log start date and login time/date in a table. Good for postmortem forensic examinations or as a way of getting "last" like information where you don't have the ability to boot the machine in question but can grab the wtmp. -
24
-
25
IOS6 and recent iTunes updates have broken a few features. We have made some partial fixes, but they are not complete. If you'd like to help support our development, or take over the development please let us know. Explore the internal file structure of your iphone (or of a seized phone in the case of forensic teams) using either the iphone's own backup files or (for jail broken iphones) ssh. Viewing of plist, sqlite, and hex are supported. IOS 5 is now supported iOS 6 only partially...
