Search Results for "forensics"
Sort By:
Showing 134 open source projects for "forensics"
View related business solutions-
La version gratuite d'Auth0 s'enrichit !Vous l'avez demandé, nous l'avons fait ! Les versions gratuite et payante d'Auth0 incluent des options qui vous permettent de développer, déployer et faire évoluer vos applications en toute sécurité. Utilisez Auth0 dès maintenant pour découvrir tous ses avantages.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
1
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
2
Autopsy
Autopsy® is a digital forensics platform and graphical interface
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. Autopsy was designed to be intuitive out of the box. Installation is easy and wizards guide you through every step. All results are found in a single tree. See the intuitive page for more details... -
3
-
4
Volatility
An advanced memory forensics framework
Volatility is a widely used open-source framework for analyzing memory captures (RAM dumps) from Windows, Linux, and macOS systems. It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows. -
Powerful Website Security | Continuous Web Threat PlatformReflectiz is a comprehensive web exposure management platform that helps organizations proactively identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. Designed to address the growing complexity of modern websites, Reflectiz provides full visibility and control over first, third, and even fourth-party components, such as scripts, trackers, and open-source libraries that often evade traditional security tools.
-
5
FLARE VM
A collection of software installations scripts for Windows systems
FLARE VM is a security-focused Windows workstation distribution designed for malware analysis, reverse engineering, penetration testing, and threat hunting. It bundles a curated set of tools—disassemblers, debuggers, decompilers, virtualization, forensics utilities, packet capture tools, exploit frameworks, and hex editors—preconfigured to work together. The environment configures paths, dependencies, environment variables, and common tool integrations so analysts can focus on tasks rather than... -
6
Radare2
UNIX-like reverse engineering framework and command-line toolset
A free/libre toolchain for easing several low-level tasks like forensics, software reverse engineering, exploiting, and debugging. It is composed by a bunch of libraries (which are extended with plugins) and programs that can be automated with almost any programming language. It is recommended to install it from git, alternatively, you can pick the last release (every 6 weeks) from Github. Batch, Commandline, visual, and panels interactive modes. Embedded webserver with js scripting and WebUI... -
7
ExifTool
ExifTool meta information reader/writer
ExifTool is a battle-tested Perl application for reading, writing, and batch-editing metadata in thousands of file types—images, videos, audio, documents, and more. It understands major standards like EXIF, IPTC, and XMP as well as an enormous range of camera maker notes and container formats (for example, QuickTime/MP4, PDF, TIFF). Typical workflows include extracting metadata to JSON/CSV/XML, renaming files from timestamps or tags, shifting capture times, copying tags between files, and... -
8
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. Using it requires... -
9
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed... -
Network Management Software and Tools for Businesses and Organizations | Auvik NetworksReduce IT headaches and save time with a proven solution for automated network discovery, documentation, and performance monitoring. Choose Auvik because you'll see value in minutes, and stay with us to improve your IT for years to come.
-
10
Sherloq
An open source digital image forensic toolset
Sherloq is a research-oriented toolkit designed for digital image forensics, providing an integrated environment to experiment with algorithms for image analysis and tampering detection. Rather than functioning as an automated decision-making system, it serves as a companion tool for researchers, enthusiasts, and students who want to explore forensic techniques from scientific literature and workshops. The project emphasizes transparency and community collaboration, contrasting with proprietary... -
11
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services... -
12
MantaRay Forensics
An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets
MantaRay Forensics | An Open Source Project | Since 2013 | SANS SIFT Automation | Hash Sets MantaRay is designed to automate processing forensic evidence with open source tools. Released in SIFT 3.0 in 2013, with support for numerous image formats, the tool provides a scalable framework to utilize open source and custom exploitation tools. MantaRay is developed by forensic examiners with more than 30 years of collective experience in computer forensics. Additionally, the team releases...">
-
13
Google CTF
Google CTF
Google CTF is the public repository that houses most of the challenges from Google’s Capture-the-Flag competitions since 2017 and the infrastructure used to run them. It’s a learning and practice archive: competitors and educators can replay tasks across categories like pwn, reversing, crypto, web, sandboxing, and forensics. The code and binaries intentionally contain vulnerabilities—by design—so users can explore exploit chains and patching in realistic settings. The repo also includes... -
14
Tracee
Linux Runtime Security and Forensics using eBPF
Tracee is a runtime security and observability tool that helps you understand how your system and applications behave. It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
15
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans... -
16
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
Live-Forensicator is a toolkit intended for live forensic collection and initial triage on Windows machines. It automates the capture of volatile information—running processes, network connections, loaded drivers, account sessions, and in-memory artifacts—into a consistent artifact set that investigators can analyze offline. The tool tries to be non-invasive while collecting sensitive data quickly and logs the collection steps to preserve chain-of-custody details and to help auditors... -
17
X-Ways Forensics X-Tension API
Code and binaries for creating plugins for X-Ways Forensics
This project site contains files needed to create plugins for X-Ways Forensics. These plugins are called X-Tensions and you may use any language that can interoperate with native code to create X-Tensions. The code on this site specifically helps with creating X-Tensions in C/C++, Python and C#. C/C++ usually offers good performance and a broad range of libraries. Python focuses on coding convenience. Python has powerful math libraries which drive the current AI revolution. While Python... -
18
-
19
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
">
-
20
WIN-FOR
A Windows Forensics VM Builder
-
21
Spybot Search and Destroy
Protect your computer against malware
Spybot - Search & Destroy is an anti-spyware and privacy protection tool that has been providing quality security solutions since the early 2000's. Spybot S&D provides complete anti-malware and anti-spyware protection as the System Scan aims to detect and remove all kinds of threats from your Windows PC. These include Adware, Spyware, Trojans and many more. Spybot's Immunization feature keeps you safe online by preventing access to malicious sites and blocks tracking cookies. Spybots Forensics... -
22
**GNU/Linux KDu** desenvolvido para uso no **KDE sob o Kubuntu** de uma forma fácil de aplicação da usabilidade mais interativa com seu usuário, tornando-se intuitivo com todos os seus recursos, otimizado para que seus aplicativos possam trazer aos usuários uma interpretação real do que é um **Sistema Operacional Linux** seguro e fácil como todos os Linux, **GNU/Linux KDu traz vários aplicativos já implementados e testados assim como centenas de recursos aos usuários mais avançados** e...
-
23
SNĒZ is a web interface to the popular open source IDS programs SNORT® and Suricata. IDS output can be unified2 or JSON formats. The main design feature of SNĒZ is the ability to filter alerts based on criteria set by, and documented by, a security analyst. Alerts are viewed and summarized in different ways, filtered, and documented until ideally no alerts remain. At any time, filters can be suppressed so that all collected alerts can be analyzed for patterns, forensics, etc. Filters can...
-
24
WTE
Forensic Windows Triage Environment
* Files are compressed and ENCRYPTED so are identified as "Malware" by Sourceforge. Criminal Investigators auxiliary in conducting investigations on computer systems. WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops... -
25
BlackBuntu Linux
BlackBuntu Linux
BlackBuntu is born from the passion and spirit of 2 specialists. Let’s cut the bullshit, this distribution is a GNU/Linux distribution based on Ubuntu and designed with Pentest, Security and Development in mind for the best experience. With advanced accessibility tools and options to change language, colour scheme and text size, Blackbuntu makes computing easy – whoever and wherever you are. BlackBuntu is a fully open source project, anyone can see what is inside. The building source code...