Search Results for "file system forensic analysis"
Sort By:
Showing 483 open source projects for "file system forensic analysis"
View related business solutions-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
Powerful Business Process AutomationWhen a message is received ThinkAutomation automatically executes one or more Automations. Automations are created using an easy to use drag-and-drop interface to run simple or complex tasks. Automations can perform many business process Actions, including: updating company databases, CRM systems and cloud services, sending outgoing emails, Teams & SMS messages, document processing, custom scripting, integration and much more. Over 100 built-in actions are included, plus ThinkAutomation is extensible with Custom Actions.
-
1
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires... -
2
Plaso
Super timeline all the things
Plaso (Plaso Langar Að Safna Öllu), or "super timeline all the things," is a Python-based engine designed for automatic creation of timelines in digital forensic investigations. It processes various log files and artifacts to generate a chronological sequence of events, aiding analysts in understanding system activities. -
3
Sherloq
An open source digital image forensic toolset
Sherloq is a research-oriented toolkit designed for digital image forensics, providing an integrated environment to experiment with algorithms for image analysis and tampering detection. Rather than functioning as an automated decision-making system, it serves as a companion tool for researchers, enthusiasts, and students who want to explore forensic techniques from scientific literature and workshops. The project emphasizes transparency and community collaboration, contrasting with proprietary forensic tools that often rely on secrecy. ... -
4
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
...Because live collection can alter system state, Live-Forensicator includes options to limit intrusive actions and to capture hashes, timestamps, and provenance metadata to aid later validation. The output bundles are often compatible with other forensic parsers and workflows, which helps teams move from initial triage to deep-dive forensic analysis without re-running collection tasks. -
Multi-Entity Cloud Accounting Software for Growing BusinessesBuilt natively on the Microsoft Power Platform (Dynamics 365), Gravity delivers robust multi-entity financial management with seamless integration to Microsoft 365, Power BI, Teams + Copilot — no third-party add-ons required.
-
5
Dshell
Dshell is a network forensic analysis framework
An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. This is a major framework update to Dshell. Plugins written for the previous version are not compatible with this version, and vice versa. By extension, dpkt and pypcap have been replaced with Python3-friendly pypacker and pcapy (respectively). Enables development of external plugin packs, allowing the sharing and installation of new,... -
6
Timesketch
Collaborative forensic timeline analysis
Timesketch is a collaborative forensic timeline analysis platform used to investigate security incidents by turning diverse evidence into a single, searchable chronology. Analysts ingest logs and artifacts from many sources—endpoints, servers, cloud services—and Timesketch normalizes them into events on a unified timeline. Powerful search, aggregations, and saved views help you pivot quickly, highlight anomalies, and preserve investigative steps for later review. -
7
Pants Build System
The Pants Build System
...Pants requires very minimal BUILD file metadata/boilerplate. It uses a combination of static analysis and sensible defaults to infer most of that information on the fly. So your BUILD files can be very minimal — and even those can be generated and updated for you. Pants has out-of-the-box support for multiple dependency resolves and their corresponding lockfiles, so you can have hermetic, repeatable builds that are resilient to supply chain attacks, even in complex situations where you have multiple versions of the same dependencies in different parts of the codebase. -
8
DwarFS
A fast high compression read-only file system for Linux, Windows
The Deduplicating Warp-speed Advanced Read-only File System. A fast high compression read-only file system for Linux and Windows. DwarFS is a read-only file system with a focus on achieving very high compression ratios in particular for very redundant data. This probably doesn't sound very exciting, because if it's redundant, it should compress well. However, I found that other read-only, compressed file systems don't do a very good job at making use of this redundancy. See here for a... -
9
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
Track time for payroll, billing and productivityBecause time is money, and we understand how challenging it can be to keep track of employee hours. The constant reminder to log timesheets so your business can increase billables, run an accurate payroll and remove the guesswork from project estimates – we get it.
-
10
Zeek
Zeek is a powerful network analysis framework
Zeek has a long history in the open source and digital security worlds. Vern Paxson began developing the project in the 1990s under the name “Bro” as a means to understand what was happening on his university and national laboratory networks. Vern and the project’s leadership team renamed Bro to Zeek in late 2018 to celebrate its expansion and continued development. Zeek is not an active security device, like a firewall or intrusion prevention system. Rather, Zeek sits on a “sensor,” a... -
11
PowerSystems.jl
Data structures in Julia to enable power systems analysis
The PowerSystems.jl package provides a rigorous data model using Julia structures to enable power systems analysis and modeling. In addition to stand-alone system analysis tools and data model building, the PowerSystems.jl package is used as the foundational data container for the PowerSimulations.jl and PowerSimulationsDynamics.jl packages. PowerSystems.jl supports a limited number of data file formats for parsing. -
12
MoarVM
A runtime built for the 6model object system
Short for "Metamodel On A Runtime", MoarVM is a modern virtual machine built for the Rakudo Perl 6 compiler and the NQP Compiler Toolchain. MoarVM is used by the majority of Perl 6 programmers. Highlights include: Great Unicode support, with strings represented at grapheme level, dynamic analysis of running code to identify hot functions and loops, and perform a range of optimizations, including type specialization and inlining, support for threads, a range of concurrency control constructs,... -
13
workflowr
Organize your project into a research website
workflowr is an R package that helps researchers organize, version, and share their data science projects in a reproducible and transparent manner. It combines R Markdown, Git, and a structured file system to create a research website that tracks analysis, results, and code changes over time. It’s ideal for academic and collaborative research workflows. -
14
nixd
Nix language server, based on nix libraries
This is a feature-rich nix language server interoperating with C++ nix. -
15
Perfetto
Production-grade client-side tracing, profiling, and analysis
Perfetto is a production-grade tracing platform for Android, Linux, and Chrome that captures extremely detailed information about what a system is doing over time. It’s designed around a low-overhead producer/consumer model: instrumented components (“producers”) write binary events into shared memory buffers and a collector (“service”) reliably streams them to storage. The data model spans kernel and userspace, so you can stitch together CPU scheduling, app lifecycles, binder/IPC hops, GPU work, power and thermal signals, file I/O, heap samples, and more into a single coherent timeline. ... -
16
AWS IoT Device Defender Library
Client library for using AWS IoT Defender service on embedded devices
The Device Defender library enables you to send device metrics to the AWS IoT Device Defender Service. This library also supports custom metrics, a feature that helps you monitor operational health metrics that are unique to your fleet or use case. For example, you can define a new metric to monitor the memory usage or CPU usage on your devices. This library has no dependencies on any additional libraries other than the standard C library, and therefore, can be used with any MQTT client... -
17
Glow OS
System Analysis Software
Glow is an educational, hobbyist operating system written in C and Assembly, developed to help learners understand the internals of OS design and kernel development. Targeting x86_64 systems, Glow features its own kernel, bootloader, and minimal userland. With clear code structure and a simple design, it serves as a playground for experimenting with low-level systems programming, boot sequences, interrupt handling, and basic UI components like shells and text rendering. -
18
Druid
Database connection pool written in Java
Druid is an open-source database connection pool written in Java. Druid is able to provide an extensive number of powerful monitoring functionalities for database connection. Druid has been deployed to the maven central repository. Druid provides a monitoring feature that can be implemented through filter-chain. It also comes with WallFilter, that is based on the SQL semantic analysis to protect from SQL injection attacks. Monitor connection leaks and connect to other databases, like Oracle database. -
19
AWS IoT Jobs library
Client library for using AWS IoT Jobs service on embedded devices
The AWS IoT Jobs library helps you notify connected IoT devices of a pending Job. A Job can be used to manage your fleet of devices, update firmware and security certificates on your devices, or perform administrative tasks such as restarting devices and performing diagnostics. It interacts with the AWS IoT Jobs service using MQTT, a lightweight publish-subscribe protocol. This library provides a convenience API to compose and recognize the MQTT topic strings used by the Jobs service. The... -
20
PocketFlow Tutorial Codebase Knowledge
Codebase to Tutorial
PocketFlow Tutorial Codebase Knowledge is a project that demonstrates how to build an AI agent capable of analyzing arbitrary codebases and generating beginner-friendly tutorials that explain how they work, turning complex source code into clear educational content. The repository builds on a lightweight 100-line LLM framework and uses natural language models to inspect repository structures, identify core abstractions, map dependencies, and articulate the reasoning behind code design and... -
21
GRR
GRR Rapid Response, remote live forensics for incident response
...It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. “Work” means running a specific action, downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers, fleetspeak) and provides a web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data. -
22
eslint-plugin-jsx-a11y
Static AST checker for a11y rules on JSX elements
Static AST checker for accessibility rules on JSX elements. This plugin does a static evaluation of the JSX to spot accessibility issues in React apps. Because it only catches errors in static code, use it in combination with axe-core/react to test the accessibility of the rendered DOM. Consider these tools just as one step of a larger a11y testing process and always test your apps with assistive technology. If you installed ESLint globally (using the -g flag in npm, or the global prefix in... -
23
DuckDB
DuckDB is an in-process SQL OLAP Database Management System
DuckDB is a high-performance analytical database system. It is designed to be fast, reliable and easy to use. DuckDB provides a rich SQL dialect, with support far beyond basic SQL. DuckDB supports arbitrary and nested correlated subqueries, window functions, collations, complex types (arrays, structs), and more. For more information on the goals of DuckDB, please refer to the Why DuckDB page on our website. Processing and storing tabular datasets, e.g. from CSV or Parquet files. Interactive... -
24
C99 Shell
Powerful and classic PHP web shell
Download the latest version of C99 Shell – a powerful and classic PHP web shell used for penetration testing, server file management, and vulnerability analysis. C99 Shell offers a full-featured interface to browse files, execute commands, manage MySQL databases, and explore server configurations remotely. This tool is widely used by security professionals to understand how unauthorized scripts operate and to strengthen server defenses. Use C99 Shell responsibly in a secure environment for testing or forensic analysis only. -
25
AI File Sorter
Local AI file organization with categorization and rename suggestions
AI File Sorter is a cross-platform desktop application that uses AI to organize files and suggest meaningful file names based on real content, not just filenames or extensions. The app can analyze image files locally and propose human-readable rename suggestions (for example, IMG_2048.jpg → clouds_over_lake.jpg). It can also analyze the text content of documents to improve categorization and renaming. Supported formats include PDF, DOCX, XLSX, PPTX, ODT, ODS, ODP, and common text files....