Forensics

Open-source projects categorized as Forensics

Top 23 Forensic Open-Source Projects

  • ImHex

    🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

    Project mention: Ask HN: What Underrated Open Source Project Deserves More Recognition? | news.ycombinator.com | 2024-03-07

    ImHex

    “A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.”

    I actually used it not too long ago to inspect why an mp4 file wasn’t valid. The pattern language that they have is quite nice, and having sections of the hex highlighted and being able to see what structures they represent and what data was in those structures was very useful!

    https://github.com/WerWolv/ImHex

  • radare2

    UNIX-like reverse engineering framework and command-line toolset

  • kubeshark

    The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

    Project mention: Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring | news.ycombinator.com | 2023-09-06

    The one similar product I had come across is Kubeshark (https://github.com/kubeshark/kubeshark). But admittedly the eBPF way seems more performant theoretically (given you can afford to have a modern-enough kernel). I'm really excited to see how this project develops out.

    The eBPF-mode of innovation is pretty exciting, truly a fresh lens to building software. I'm also following Akita Software - the company building an eBPF paradigm of monitoring.

  • mvt

    MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

    Project mention: Exploiting the iPhone 4 | news.ycombinator.com | 2023-10-02

    Amnesty International released Mobile Verification Toolkit to check your phone for malware, by checking encrypted backups on your computer. https://github.com/mvt-project/mvt

  • prowler

    Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

    Project mention: Ask HN: Cloud security auditing for indie-grade projects? | news.ycombinator.com | 2023-12-04

    Which cloud provider?

    https://github.com/prowler-cloud/prowler is easy to get going with, and gives decent results. It's much stronger at AWS than GCP or Azure.

    Steampipe can be a little harder to wrap your head around, but scales really well and has broader support: https://hub.steampipe.io/mods?objectives=security

  • Infosec_Reference

    An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  • oletools

    oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

  • chainsaw

    Rapidly Search and Hunt through Windows Forensic Artefacts

    Project mention: Agent event queue is flooded. Check the agent configuration | /r/Wazuh | 2023-06-30

  • timesketch

    Collaborative forensic timeline analysis

  • sleuthkit

    The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

    Project mention: Are there any GPU-powered disk forensics libraries/frameworks or programs? | /r/CUDA | 2023-09-28

  • autopsy

    Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

    Project mention: Best Method for Attorney to Review Acquired Data - Disk Images/.e01 files? | /r/computerforensics | 2023-05-24

    If the attorney needs to search for files by key terms, then a free to use analysis option is Autopsy (https://www.sleuthkit.org/autopsy/). Autopsy would need to be installed to the attorney's Windows workstation and then an Autopsy database of the forensic image file would need to be generated.

  • volatility3

    Volatility 3.0 development

    Project mention: Volatility 3 2.4.1 - New Linux and Windows plugins | /r/blueteamsec | 2023-04-22

  • hayabusa

    Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

    Project mention: Release v2.5.0 🦅 of Hayabusa - Hayabusa is a Windows event log fast forensics timeline generator and threat hunting tool | /r/blueteamsec | 2023-05-07

  • tcpflow

    TCP/IP packet demultiplexer. Download from:

  • plaso

    Super timeline all the things

  • MemLabs

    Educational, CTF-styled labs for individuals interested in Memory Forensics

    Project mention: Platform for training digital forensics | /r/digitalforensics | 2023-04-21

  • digital-forensics-lab

    Free hands-on digital forensics labs for students and faculty

  • Digital-Forensics-Guide

    Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

    Project mention: Most used DFIR tools | /r/cybersecurity | 2023-12-10

    If you're looking to learn on your own, try mikeroyal's digital forensics guide on Github. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide

  • andriller

    📱 Andriller is a software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

  • RecoverPy

    Interactively find and recover deleted or 👉 overwritten 👈 files from your terminal

    Project mention: RecoverPy 2.1.3: A Linux tool to recover deleted or overwritten files | /r/opensource | 2023-10-23

  • hindsight

    Web browser forensics for Google Chrome/Chromium

    Project mention: Saving cached telegram messages from Edge | /r/DataHoarder | 2023-04-29

    I guess it would work like any Chromium cache, so first make a backup of your data in %AppData%\Local\Microsoft\Edge\User Data\Default\ and use https://github.com/obsidianforensics/hindsight. Telegram is encrypted, so I don't know how this is going to be readable.

  • hackdroid

    Security Apps for Android (by thehackingsage)

  • ForensicsTools

    A list of free and open forensics analysis tools and other resources

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2024-03-07.

Index

What are some of the best open-source Forensic projects? This list will help you:

Rank  Project                    Stars
1     ImHex                      32,418
2     radare2                    19,447
3     kubeshark                  10,462
4     mvt                         9,701
5     prowler                     9,424
6     Infosec_Reference           5,328
7     oletools                    2,710
8     chainsaw                    2,502
9     timesketch                  2,470
10    sleuthkit                   2,460
11    autopsy                     2,205
12    volatility3                 2,154
13    hayabusa                    1,890
14    tcpflow                     1,638
15    plaso                       1,604
16    MemLabs                     1,520
17    digital-forensics-lab       1,355
18    Digital-Forensics-Guide     1,304
19    andriller                   1,246
20    RecoverPy                   1,154
21    hindsight                   1,006
22    hackdroid                     864
23    ForensicsTools                850