UNIX-like reverse engineering framework and command-line toolset (updated May 17, 2024, C)
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
A Linux packet crafting tool.
Malware Behavior Analyzer
CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
Windows Recycle Bin analyser
👾 tools for security researchers: pentesting, CTFs & wargames
Enhanced version of dd for forensics and security
Fileless persistence, attacks and anti-forensic capabilities.
dcfldd - enhanced version of dd for forensics and security
Rootkit Detector for UNIX
Process-aware, eBPF-based tcpdump
Reveal encrypted files stored on a filesystem.
Illuminant inconsistencies for image splicing detection in forensics
Trace ScriptBlock execution for PowerShell v2
A tiny data wiping library and tool.
Explore how Unix-like OS (Linux, BSD, macOS...) modify MACB timestamps and check against POSIX (non-)compliance