Forensics Tools

PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutel…

A list of 350+ free TryHackMe rooms💻 to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-b…

Automation and Scaling of Digital Forensics Tools

A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing yo…

UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It aut…

For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including screenshots.

A parser for Unified logging tracev3 files

Expose USB activity on the fly

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

Velociraptor is a tool for collecting host based state information using The Velociraptor Query Language (VQL) queries.

VerifyVision-Pro是一个全面的图像伪造篡改检测解决方案，利用深度学习（deep learning）和计算机视觉技术（cv）精确识别各类图像篡改，包括deepfake、AI生成内容、拼接操作和复制-移动篡改。基于PyTorch实现，集成了从数据处理、模型训练到部署的完…

A VBA parser and emulation engine to analyze malicious macros.

Virus - Trojans - Worms - Malwares

Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs fo…

A Python library to interact with the public VirusTotal v3 and v2 APIs.

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.

The goal of this project is to build and provide all possible Volatility3 profiles for the main Linux distributions in x86_64 version only.

Framework for extracting digital artifacts from volatile memory (RAM) dumps. Supports Windows, Linux, and macOS memory images. Extracts proc…

Free GUI front-end for Volatility 3 memory forensics framework on Windows. Simplifies memory analysis workflow with dropdown plugin selectio…

Volatility is the world's most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction tec…

一款用于自动化处理内存取证的Python脚本，并提供GUI界面

Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. Developed with Django & React JS.