UNIX-like reverse engineering framework and command-line toolset
Updated Jul 7, 2024 - C
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
A Linux packet crafting tool.
Process-aware, eBPF-based tcpdump
Malware Behavior Analyzer
CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on OSS tools/libraries
Windows Recycle Bin analyser
👾 tools for security researchers: pentesting, CTFs & wargames
Enhanced version of dd for forensics and security
Fileless persistence, attacks and anti-forensic capabilities.
dcfldd - enhanced version of dd for forensics and security
Rootkit Detector for UNIX
Reveal encrypted files stored on a filesystem.
Illuminant inconsistencies for image splicing detection in forensics
Trace ScriptBlock execution for PowerShell v2
Binary EYE is a viewer of binary files with a built-in editor