A list of free and open forensics analysis tools and other resources

Collaborative Incident Response platform

macOS forensic acquisition made simple

macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR

C# Library and research notes for Windows 11 Notepad State Files

A collection of PowerShell scripts for analyzing macOS Forensic Artifacts

Automatically create iSCSI targets for all drives except for a boot device

Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersecuritynews.com/windows-event-log-analysis/, to quickly highlight key forensic artifacts.

Digital Forensics Essentials (DFE)

Reverse Engineering the Tabstate files for Windows Notepad

Decryption tool for LockMyPix android app

DFLER: Drone Flight Log Entity Recognizer to Support Forensic Investigation on Drone Device

A Python tool to analyze and export login activity from /var/log/lastlog for security.

A tool that detects files and directories that may be hidden by trojan and rootkits on Unix platforms

A digital forensics educational game to promote the procedures carried out within a digital investigation - created using Godot

Binary Analysis of a Saved Notepad Tab

VMDetect is a Python based Windows VM detection and environment forensics tool that reads ACPI/SMBIOS firmware tables and system artifacts to expose virtual machines, even if people try to hide them!

This repository contains various scripts that can be used to obtain information about IP addresses and MAC addresses.

Chain of Custody is a tamper-proof forensic evidence system ensuring integrity, traceability, and availability through dual storage (Local + IPFS), fuzzy hashing, and a private blockchain with role-based access control. 4th Place @ CIDECODE 2.0