Forensics Tools

534 tools
ad-privileged-audit
Free Forensics Post-Exploitation

Provides various Windows Server Active Directory (AD) security-focused reports.

ADFT
Open Source Forensics Post-Exploitation

Active Directory Forensic Toolkit: detect and reconstruct AD attacks from Windows event logs (EVTX)

ADTimeline
Open Source Forensics Post-Exploitation

Timeline of Active Directory changes with replication metadata

ai_for_the_win
Free Forensics

Build AI-powered security tools. 50+ hands-on labs covering ML, LLMs, RAG, threat detection, DFIR, and red teaming. Includes Colab notebooks…

All-CEHv13-Module-wise-PDF-Reports
Free Forensics Reconnaissance

Practical labs, notes, and reports for CEH v13 modules — covering web hacking, network pentesting, malware analysis, social engineering, and…

AlphaGolang
Open Source Forensics Reverse Engineering

IDAPython scripts for analyzing Golang binaries

amcache-evilhunter
Open Source Forensics

Parse and analyze a Windows Amcache.hve registry hive, with VirusTotal integration.

Analisi-Digital-Forense
Free Forensics

Tools for the acquisition and analysis of forensic copies

analyzeMFT
Open Source Forensics

analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple …

androidqf
Free Forensics

androidqf (Android Quick Forensics) helps quickly gather forensic evidence from Android devices, in order to identify potential traces of…

Anthropic-Cybersecurity-Skills
Open Source Exploitation Forensics

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · …

aparoid
Free Forensics Reverse Engineering

Static and dynamic Android application security analysis

apiosintDS
Open Source Forensics

On demand query API for https://github.com/davidonzo/Threat-Intel project.

APKiD
Free Evasion Forensics

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

APKLab
Open Source Forensics Reverse Engineering

Android Reverse-Engineering Workbench for VS Code

APT-Hunter
Open Source Forensics

APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset to detect APT movements hidden in the sea…

APT-Sample
Free Forensics

Pull some malware samples here for other security researchers/malware analysts to analyze and play with.

ArkhamMirror
Open Source Forensics Reconnaissance

Local-first AI-powered document intelligence platform for investigative journalism

artemis
Open Source Forensics

A cross platform forensic parser written in Rust!

artifactcollector
Open Source Forensics

🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

AskJOE
Open Source Forensics Reverse Engineering

AI-Powered Malware Analysis & Threat Intelligence for Ghidra. Transform your static analysis workflow with cutting-edge AI capabilities, comp…

AsmResolver
Open Source Forensics Reverse Engineering

A library for creating, reading and editing PE files and .NET modules.

asn
Open Source Forensics Reconnaissance

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Netwo…