A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.
MacOS forensic acquisition made simple
A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
A tool for fetching DFIR and other GitHub tools.
Casting light on shadow cloud deployments. Detect exposure of resources deployed in AWS.
Vault of Windows Registry forensic artifacts
Cryptocurrency Discovery and Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications!
Automated triage tool for different types of artifact collections.
A single open-source Python/tkinter-based tool for anomaly detection, attack detection and digital forensic analysis on local networks. Catches Turkey-focused threats with a customizable signature database!
A deployment and testing platform for Velociraptor's client artifacts
Convert Kape Files to DFIR-ORC configurations
OpenRelik ertools worker
Unified cases, seamless integrations
macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR
Linux Forensic Collector, Quick & Thorough.
A forensic command-line tool for in-depth analysis of PDF files
TruxTrace is a Linux user simulation tool that emulates realistic command-line behavior for single and multiple users. It’s designed for learning, testing, and digital forensics, generating artifacts like logs and histories to replicate real-world usage scenarios.
bfcpf stands for "Brute Force CPF" and it is a CLI tool that breaks a partial CPF, finding all valid ones within the pattern given by the user.
Minimalist Collaborative Digital Logbook