-
fjta Public
FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), generates timelines, and detects suspicious activities.
-
-
uac Public
Forked from tclahr/uacUAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler…
-
sleuthkit Public
Forked from sleuthkit/sleuthkitThe Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digi…
C++ UpdatedNov 11, 2025 -
SANS-ISC Public
Forked from xme/SANS-ISCData related to the SANS Internet Storm Center
Python UpdatedNov 10, 2025 -
-
lldbinit Public
Forked from gdbinit/lldbinitA gdbinit clone for LLDB
-
VMDragonSlayer Public
Forked from poppopjmp/VMDragonSlayerAutomated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic…
GNU General Public License v3.0 UpdatedAug 28, 2025 -
flare-ida Public
Forked from mandiant/flare-idaIDA Pro utilities from FLARE team
-
CrackMapExec Public
Forked from byt3bl33d3r/CrackMapExecA swiss army knife for pentesting networks
-
sqlite-dissect Public
Forked from kchason/sqlite-dissectDC3 SQLite Dissect
-
macosac Public
Forensic Artifact Collection Tool for macOS
-
BruteForceAI Public
Forked from MorDavid/BruteForceAIAdvanced LLM-powered brute-force tool combining AI intelligence with automated login attacks
Python Other UpdatedJul 27, 2025 -
linimagemounter Public
LinImageMounter is a Python tool designed to simplify the process of mounting disk images on Linux systems.
-
mac_apt Public
Forked from ydkhatri/mac_aptmacOS (& ios) Artifact Parsing Tool
-
RECmd Public
Forked from EricZimmerman/RECmdCommand line access to the Registry
Rebol MIT License UpdatedDec 7, 2024 -
cidre-vm Public
Forked from kohnakagawa/cidre-vmSoftware installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware
-
extstomp Public
Forked from halpomeranz/extstompSet MACB timestamps in EXT file system inodes
Shell Creative Commons Attribution Share Alike 4.0 International UpdatedSep 2, 2024 -
bgiparser Public
A parsing tool for backgrounditems.btm
-
dissect.target Public
Forked from fox-it/dissect.targetThe Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collecti…
Python GNU Affero General Public License v3.0 UpdatedApr 2, 2024 -
llios Public
Forked from qyang-nj/lliosRandom stuff about lower level iOS
-
ma2tl Public
macOS forensic timeline generator using the analysis result DBs of mac_apt
-
objective-see_Malware Public
Forked from objective-see/MalwaremacOS Malware Collection
-
Hibr2Bin Public
Forked from MagnetForensics/Hibr2BinComae Hibernation File Decompressor
-
Mac_ISF Public
Forked from forensicxlab/Mac_ISFVolatility3 ISF for Mac Os memory forensic.
1 UpdatedMar 20, 2023 -
wevt_template Public
Forked from williballenthin/wevt_templateextract and parse WEVT_TEMPLATEs from PE files
Rust Apache License 2.0 UpdatedMar 13, 2023 -
Havoc Public
Forked from HavocFramework/HavocThe Havoc Framework.
Go GNU General Public License v3.0 UpdatedMar 9, 2023 -
sliver Public
Forked from BishopFox/sliverAdversary Emulation Framework
Go GNU General Public License v3.0 UpdatedMar 8, 2023 -
vss_carver Public
Carves and recreates VSS catalog and store from Windows disk image.
-
AlphaGolang Public
Forked from SentineLabs/AlphaGolangIDApython Scripts for Analyzing Golang Binaries
Python GNU General Public License v3.0 UpdatedOct 28, 2022
{{ message }}