Forensics Tools

534 tools
MemProcFS-Analyzer
Open Source Forensics

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

meow
Free Forensics

Cybersecurity research results. Simple C/C++ and Python implementations

MESH
Open Source Forensics

MESH enables remote wireless debugging for Android, providing mobile forensics & network monitoring over an encrypted, censorship-resistant …

MFTECmd
Open Source Forensics

Parses $MFT from NTFS file systems

Microsoft-Analyzer-Suite
Open Source Forensics

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

Microsoft-eventlog-mindmap
Open Source Forensics Post-Exploitation

Set of mindmaps providing a detailed overview of the different Microsoft auditing capacities for Windows, Exchange, Azure,...

Microsoft-Sentinel-SecOps
Open Source Forensics

Microsoft Sentinel SOC Operations

mimicry
Free Forensics Password Attacks

Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.

MISP
Open Source Forensics

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

misp-taxonomies
Free Forensics

Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.

Mobile-Security-Framework-MobSF
Open Source Forensics Reverse Engineering

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and sec…

mobileAudit
Open Source Forensics

Django application that performs SAST and Malware Analysis for Android APKs

ModTracer
Open Source Forensics

ModTracer finds hidden Linux kernel rootkits and makes them visible again.

mquire
Open Source Forensics

Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external debu…

MrHandler
Open Source Forensics

Linux Incident Response Reporting

mvt
Free Forensics

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

mwdb-core
Free Forensics

Malware repository component for samples & static configuration with REST API interface.

mwemu
Open Source Evasion Exploitation

A hardware emulator + OS process simulator implemented in pure Rust.

my-arsenal-of-aws-security-tools
Open Source Forensics

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Nauz-File-Detector
Open Source Forensics Reverse Engineering

Linker/compiler/tool detector for Windows, Linux and macOS.

netdis
Free Forensics Reverse Engineering

Netdis is an open-source binary analysis tool powered by Ghidra. Upload files for disassembly, decompilation, control flow graphs and more, …

netspionage
Free Forensics Reconnaissance

Network forensics CLI utility that performs network scanning, OSINT, and attack detection

NetworkMiner
Freemium Forensics

Network forensics analysis tool (NFAT) that captures packets and parses them to reconstruct transmitted files, certificates, images, and cre…

nfr
Free Forensics

A lightweight tool to score network traffic and flag anomalies