Top 23 Forensic Open-Source Projects
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Project mention: Ask HN: What Underrated Open Source Project Deserves More Recognition? | news.ycombinator.com | 2024-03-07
ImHex
“A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.”
I actually used it not too long ago to inspect why an mp4 file wasn’t valid. The pattern language that they have is quite nice, and having sections of the hex highlighted and being able to see what structures they represent and what data was in those structures was very useful!
-
kubeshark
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
Project mention: Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring | news.ycombinator.com | 2023-09-06
The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.
The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.
-
mvt
MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
Amnesty International released Mobile Verification Toolkit to check your phone for malware, by checking encrypted backups on your computer. https://github.com/mvt-project/mvt
-
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Project mention: Ask HN: Cloud security auditing for indie-grade projects? | news.ycombinator.com | 2023-12-04
Which cloud provider?
https://github.com/prowler-cloud/prowler is easy to get going with, and gives decent results. It's much stronger at AWS than GCP or Azure.
Steampipe can be a little harder to wrap your head around, but scales really well and has broader support: https://hub.steampipe.io/mods?objectives=security
-
Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
-
oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
-
Project mention: Agent event queue is flooded. Check the agent configuration | /r/Wazuh | 2023-06-30
-
sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Project mention: Are there any GPU-powered disk forensics libraries/frameworks or programs? | /r/CUDA | 2023-09-28
-
autopsy
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Project mention: Best Method for Attorney to Review Acquired Data - Disk Images/.e01 files? | /r/computerforensics | 2023-05-24
If the attorney needs to search for files by key terms, then a free to use analysis option is Autopsy (https://www.sleuthkit.org/autopsy/). Autopsy would need to be installed to the attorney's Windows workstation and then an Autopsy database of the forensic image file would need to be generated.
-
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Project mention: Release v2.5.0 🦅 of Hayabusa - Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool | /r/blueteamsec | 2023-05-07
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
If you're looking to learn on your own, try mikeroyal's digital forensics guide on GitHub. There are a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
-
andriller
📱 Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
-
RecoverPy
Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal
Project mention: RecoverPy 2.1.3: A Linux tool to recover deleted or overwritten files | /r/opensource | 2023-10-23
-
hindsight
I guess it would work like any Chromium cache, so first make a backup of your data at %AppData%\Local\Microsoft\Edge\User Data\Default\ and use https://github.com/obsidianforensics/hindsight. Telegram is encrypted, so I don't know how this is going to be readable.
Forensics related posts
- RecuperaBit: A tool for forensic file system reconstruction
- Most used DFIR tools
- Exploiting the iPhone 4
- Meduza co-founder's phone infected with Pegasus
- PaulNorman01/Forensia
- NSO Group iPhone Zero-Click, Zero-Day Exploit Captured in the Wild
- Windows, macOS, Linux vulnerability Scanner or Script
Index
What are some of the best open-source Forensic projects? This list will help you:
| # | Project | Stars |
|---|---------|-------|
| 1 | ImHex | 32,418 |
| 2 | radare2 | 19,447 |
| 3 | kubeshark | 10,462 |
| 4 | mvt | 9,701 |
| 5 | prowler | 9,424 |
| 6 | Infosec_Reference | 5,328 |
| 7 | oletools | 2,710 |
| 8 | chainsaw | 2,502 |
| 9 | timesketch | 2,470 |
| 10 | sleuthkit | 2,460 |
| 11 | autopsy | 2,205 |
| 12 | volatility3 | 2,154 |
| 13 | hayabusa | 1,890 |
| 14 | tcpflow | 1,638 |
| 15 | plaso | 1,604 |
| 16 | MemLabs | 1,520 |
| 17 | digital-forensics-lab | 1,355 |
| 18 | Digital-Forensics-Guide | 1,304 |
| 19 | andriller | 1,246 |
| 20 | RecoverPy | 1,154 |
| 21 | hindsight | 1,006 |
| 22 | hackdroid | 864 |
| 23 | ForensicsTools | 850 |