This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

An advanced memory forensics framework

Dshell is a network forensic analysis framework.

GRR Rapid Response: remote live forensics for incident response

⭐️ A curated list of awesome forensic analysis tools and resources

« usbkill » is an anti-forensic kill-switch that waits for a change on your USB ports and then immediately shuts down your computer.

Linux Runtime Security and Forensics using eBPF

Rapidly Search and Hunt through Windows Forensic Artefacts

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Collaborative forensic timeline analysis

OS X Auditor is a free Mac OS X computer forensics tool

An open-source digital image forensic toolset

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Github of the FaceForensics dataset

Free hands-on digital forensics labs for students and faculty

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

A list of free and open forensics analysis tools and other resources

Rekall Memory Forensic Framework

LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.

A forensic evidence collection & analysis toolkit for OS X

Educational, CTF-styled labs for individuals interested in Memory Forensics

:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

Collaborative Incident Response platform

PowerForensics provides an all in one platform for live disk forensic analysis