Search Results for "forensics"
Sort By:
Showing 54 open source projects for "forensics"
View related business solutions-
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
...It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
PentestGPT
Automated Penetration Testing Agentic Framework Powered by LLMs
...Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs in a Docker-first environment, providing a secure, reproducible setup with built-in tooling and session persistence. It offers real-time feedback and live walkthroughs, allowing users to observe each step of the testing process as it unfolds. Built with a modular and extensible architecture, PentestGPT supports cloud and local LLMs, making it suitable for research, education, and authorized security testing. -
3
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. ... -
4
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. DiE supports a large variety of file formats — from common executables (Windows PE, Linux ELF, macOS Mach-O) to archives, mobile packages (APK, IPA), legacy binaries, compressed or packed files, and more — making it a versatile first step in analysis or triage workflows. ... -
6
Social-Analyzer
API, CLI, and Web App for analyzing and finding a person's profile
...The project includes modular detection and analysis components that users can enable depending on their investigative needs. It is commonly used in cybersecurity, digital forensics, and reconnaissance workflows where identity correlation is required. Social Analyzer emphasizes flexibility, allowing integration into automated pipelines or manual investigations. Overall, the project functions as a powerful reconnaissance engine for mapping online identities at scale. -
7
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires... -
8
Tracee
Linux Runtime Security and Forensics using eBPF
Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
9
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans... -
Gemini 3 and 200+ AI Models on One PlatformBuild, govern, and optimize agents and models with Gemini Enterprise Agent Platform.
-
10
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors... -
11
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
-
12
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
13
Stegcore
A cross-platform crypto-steganography toolkit
...Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants. -
14
MantaRay Forensics
An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets
MantaRay Forensics | An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets MantaRay is designed to automate processing forensic evidence with open source tools. Released in SIFT 3.0 in 2013, with support for numerous image formats, the tool provides a scalable framework to utilize open source and custom exploitation tools. MantaRay is developed by forensic examiners with more than 30 years of collective experience in computer forensics. -
15
Tranalyzer
Tranalyzer flow generator packet analyzer moved to: tranalyzer.com
...A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction, better reporting, geo and organisation labeling, forensics support and encapsulation support such as ethip, teredo, anything in anything, SCTP, etc are new features of the 0.8.14. Checkout the tutorials: https://www.tranalyzer.com/tutorials -
16
...This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".
-
17
HASH-Cracker ☢
Simple multithreading bruteforce hash cracker written in Go
Utility for security, pentests and forensics investigation. The project was created for educational purposes, the idea is to check the complexity of decryption for an approximate estimate of the time after hacking. This project is licensed under the MIT License. Copyright © 2021 Nikita Vtorushin, © 2021 Pedro Albanese Source code: https://github.com/pedroalbanese/hash-cracker Visit: http://albanese.atwebpages.com -
18
JWT-Cracker
Pure Go HS256/384/512 JWT Token Brute-force Cracker
Utility for security, pentests and forensics investigation. JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. This is realistically only effective to crack JWT with weak secrets. It also only currently works with HMAC-SHA2 signatures. This project is licensed under the MIT License. Copyright © 2018 Alexander Sagen Copyright © 2021 Pedro Albanese Source code: https://github.com/pedroalbanese/jwt-cracker Visit: http://albanese.atwebpages.com -
19
bruteforce-salted-openssl for Windows
OpenSSL tool for security, pentests and forensics investigation
Written by Guillaume LE VAILLANT. -
20
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used... -
21
pcaprunner
Analizes PCAP files and gives statistics about IP packets.
PCAPRUNNER runs through PCAP files and statistically analyzes IP packets. Other packets are ignored. Adresses, ports, oldest timestamp, youngest timestamp (first seen / last seen), the quantity of packets and the sum of the packet volumes (as given in the PCAP file as orig_len) are listed. PCAPRUNNER uses only the C standard library, no LIBPCAP. -
22
Advanced Persistent Security
Advanced Persistent Threat Security
The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers, The... -
23
swap_digger
swap_digger is a tool used to automate Linux swap analysis
swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc. -
24
Cyborg Essentials
Cyborg Essenitals is Debian based Penetration Testing Distro
Cyborg Essenitals is all new series Debian based Penetration Testing Distro , a product of Cyborg Linux and cousin of Cyborg Hawk Linux . It is different from cyborg hawk as it is based on DEBIAN. It contains all the essentials tools a pro ethical hacker and security expert needs which makes it lightweight and half the size of Cyborg Hawk Linux. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of... -
25
The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.
