Forensics Tools

534 tools
btl1-field-notes
Open Source Forensics

Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands

Bulk Extractor
Open Source Kali Forensics

Scans a disk image, file, or directory and extracts features such as email addresses, URLs, credit card numbers, phone numbers, and other fo…

Bypass-Protection0x00
Free Evasion Exploitation

EDR & AV Bypass Arsenal: a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.

byvalver
Free Exploitation Forensics

Takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionality.

capa
Open Source Forensics Reverse Engineering

The FLARE team's open-source tool to identify capabilities in executable files.

CAPEv2
Free Forensics Reverse Engineering

Malware Configuration And Payload Extraction

CASE
Open Source Forensics

Cyber-investigation Analysis Standard Expression (CASE) Ontology

CAT-Net
Free Forensics

Official code for CAT-Net: Compression Artifact Tracing Network. Image manipulation detection and localization.

catalyst
Open Source Forensics

⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident re…

CDIR
Open Source Forensics

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on open-source tools and libraries

chainsaw
Open Source Forensics

Rapidly Search and Hunt through Windows Forensic Artefacts

CloudIntel
Open Source Exploitation Forensics

This repo contains IOCs, malware, and malware analysis associated with public cloud

CloudSlash
Free Forensics

Local-first AWS forensic engine. Finds waste via dependency graph analysis and enables safe remediation with Terraform state restoration.

Coeus-OSINT-ToolBox
Open Source Forensics Reconnaissance

Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring…

Collect-MemoryDump
Open Source Forensics

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

Common-CTF-Challenges
Free Forensics Reverse Engineering

Common CTF Challenges is a collection of tools and resources to help individuals improve their Capture the Flag (CTF) skills. Covers a wide r…

Configuration_extractors
Free Forensics Reverse Engineering

Configuration Extractors for Malware

Cortex
Open Source Forensics

Cortex: a Powerful Observable Analysis and Active Response Engine

Cortex-Analyzers
Open Source Forensics

The following repository is used by TheHive Project to develop and store Cortex analyzers & responders.

cradle
Open Source Forensics

CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking,…

Crow-Eye
Open Source Forensics

CS7038-Malware-Analysis
Free Forensics

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

CTF_tools
Free Forensics Reconnaissance

List of tools and commands that may be helpful in CTFs

ctf-super-hub
Free Forensics Reconnaissance

A CTF / reverse-engineering Skills bundle aimed at beginners: automatic routing, brainstorming, teaching mode, competition mode, and hint-only mode