Python Forensics

Open-source Python projects categorized as Forensics

Top 18 Python Forensic Projects

  • mvt

    MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

    Project mention: SSTIC 2022 - Symposium sur la sécurité des technologies de l'information et des communications | dev.to | 2022-06-17
  • timesketch

    Collaborative forensic timeline analysis

    Project mention: Any Timeline self hosted types of software? | reddit.com/r/selfhosted | 2021-10-26
  • plaso

    Super timeline all the things

    Project mention: Solving a child porn case (student environment) | reddit.com/r/computerforensics | 2021-10-23

    My advice would be to go through a timeline to assert the activity before and after these files "appeared". This can be done in log2timeline/plaso; this script can parse the raw image (or E01 or whatever you have), build a timeline, parse it and sort it. Also look for LNK files and shellbags to see if the files were opened, used, etc.

  • andriller

    📱 Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

    Project mention: Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices. | reddit.com/r/CKsTechNews | 2022-06-20
  • hindsight

    Web browser forensics for Google Chrome/Chromium

    Project mention: Forensic script ideas? | reddit.com/r/computerforensics | 2022-01-21
  • Digital-Forensics-Guide

    Digital Forensics Guide

    Project mention: Useful Security Tools and Resources for Digital Forensics | reddit.com/r/netsec | 2022-05-03
  • mac_apt

    macOS (& iOS) Artifact Parsing Tool

  • MalConfScan

    Volatility plugin that extracts configuration data of known malware

  • docker-explorer

    A tool to help forensicate offline docker acquisitions

    Project mention: ISO Docker IR Resources | reddit.com/r/computerforensics | 2021-07-03
  • RecuperaBit

    A tool for forensic file system reconstruction.

    Project mention: Need help, with creating a symlink. | reddit.com/r/Ubuntu | 2022-04-05

    $ sudo -s
    # cd /opt
    # git clone https://github.com/Lazza/RecuperaBit.git

  • WhatsDump

    Extract WhatsApp private key from any non-rooted Android device (Android 7+ supported)

    Project mention: Linux Android Backup, an open-source & cross-platform tool to back up Android devices | reddit.com/r/DataHoarder | 2022-01-08

    The next best thing was https://github.com/MarcoG3/WhatsDump that would use an emulator to talk to WhatsApp servers and get the key, but that isn't working either since recently (BTW pinging /u/Drooliog/ if you still think the key is coming from your SIM and you have some totally local backup).

  • WhatsApp-Key-Database-Extractor

    The most advanced and complete solution for extracting WhatsApp key/DB from package directory (/data/data/com.whatsapp) without root access.

    Project mention: Export a specific WhatsApp conversation. | reddit.com/r/DataHoarder | 2022-05-15

    You don't say what OS you have on the phone. For Android you need to extract the db/key, one of the few options that work is https://github.com/YuvrajRaghuvanshiS/WhatsApp-Key-Database-Extractor and then read it in https://github.com/andreas-mausch/whatsapp-viewer .

  • nsa-codebreaker-2020

    My solutions to the 2020 NSA Codebreaker Challenge

  • INDXRipper

    Carve file metadata from NTFS index ($I30) attributes

    Project mention: INDXRipper: Carve index entries from NTFS index ($I30) attributes | reddit.com/r/blueteamsec | 2021-09-28
  • urlRecon

    urlRecon - Info gathering or recon tool for URLs. Retrieves WHOIS information of the domain, DNS details of the domain, server fingerprint, and IP geolocation of the server.

    Project mention: urlRecon: Information-gathering or reconnaissance tool for URLs 🧐 | reddit.com/r/u_esgeeks | 2022-04-07
  • WiFi-Project

    Pre-connection attacks, gaining access & post-connection attacks on WEP, WPA & WPA2. 🛰✔️

    Project mention: WiFi-Project: Pre- and Post-Connection Attacks on WEP, WPA and WPA2 😳 | reddit.com/r/u_esgeeks | 2021-12-14
  • RELY

    RELY (a name composed from project members Romy, Esther, Lucille and Yassir) is a Python tool developed to help with a digital forensics triage procedure on some Microsoft Windows devices.

  • post-photorec

    Tool to auto-organize files recovered by PhotoRec and similar tools.

NOTE: The open-source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-20.

Index

What are some of the best open-source Forensic projects in Python? This list will help you:

Rank Project Stars
1 mvt 7,789
2 timesketch 1,945
3 plaso 1,295
4 andriller 879
5 hindsight 761
6 Digital-Forensics-Guide 522
7 mac_apt 495
8 MalConfScan 416
9 docker-explorer 408
10 RecuperaBit 385
11 WhatsDump 247
12 WhatsApp-Key-Database-Extractor 223
13 nsa-codebreaker-2020 66
14 INDXRipper 26
15 urlRecon 26
16 WiFi-Project 23
17 RELY 2
18 post-photorec 0