Search Results for "forensic"
Sort By:
Showing 167 open source projects for "forensic"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Find Hidden Risks in Windows Task SchedulerWindows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
-
1
Mobile Verification Toolkit
Helps with conducting forensics of mobile devices
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. It has been developed and released by the Amnesty International Security Lab in July 2021 in the context of the Pegasus project along with a technical forensic methodology and forensic evidence. MVT is a forensic research tool intended for technologists and investigators. ... -
2
Sherloq
An open source digital image forensic toolset
Sherloq is a research-oriented toolkit designed for digital image forensics, providing an integrated environment to experiment with algorithms for image analysis and tampering detection. Rather than functioning as an automated decision-making system, it serves as a companion tool for researchers, enthusiasts, and students who want to explore forensic techniques from scientific literature and workshops. The project emphasizes transparency and community collaboration, contrasting with proprietary forensic tools that often rely on secrecy. Initially developed in C++ in 2015 and later transitioned to a Qt-based GUI in 2017, Sherloq has since been ported to Python with PySide2, Matplotlib, and OpenCV to improve accessibility and ease of development. ... -
3
Plaso
Super timeline all the things
Plaso (Plaso Langar Að Safna Öllu), or "super timeline all the things," is a Python-based engine designed for automatic creation of timelines in digital forensic investigations. It processes various log files and artifacts to generate a chronological sequence of events, aiding analysts in understanding system activities. -
4
Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics
...Because live collection can alter system state, Live-Forensicator includes options to limit intrusive actions and to capture hashes, timestamps, and provenance metadata to aid later validation. The output bundles are often compatible with other forensic parsers and workflows, which helps teams move from initial triage to deep-dive forensic analysis without re-running collection tasks. -
Atera - The depth of a full-stack IT platform, with the power of AI.Atera prioritizes security and compliance through robust protections that align with industry standards. Our AI-driven features were built on responsible AI principles and empower IT teams to work efficiently while maintaining trust and compliance.
-
5
Dshell
Dshell is a network forensic analysis framework
An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. This is a major framework update to Dshell. Plugins written for the previous version are not compatible with this version, and vice versa. By extension, dpkt and pypcap have been replaced with Python3-friendly pypacker and pcapy (respectively). -
6
WhoDB
A lightweight next-gen data explorer
WhoDB is a lightweight audit logging extension for PostgreSQL that helps track who accessed what data and when. It uses logical decoding and hooks into PostgreSQL internals to log query metadata, user identities, and timestamps in a separate audit schema. WhoDB is useful for compliance, security monitoring, and debugging in multi-user environments. -
7
Timesketch
Collaborative forensic timeline analysis
Timesketch is a collaborative forensic timeline analysis platform used to investigate security incidents by turning diverse evidence into a single, searchable chronology. Analysts ingest logs and artifacts from many sources—endpoints, servers, cloud services—and Timesketch normalizes them into events on a unified timeline. Powerful search, aggregations, and saved views help you pivot quickly, highlight anomalies, and preserve investigative steps for later review. -
8
MemProcFS Analyzer
Automated Forensic Analysis of Windows Memory Dumps for DFIR
MemProcFS-Analyzer is a forensic analysis toolset that builds on the MemProcFS virtual filesystem to make volatile memory artefacts easier to browse and interpret. By exposing process memory, kernel objects, and derived artifacts as regular files, the framework lets analysts use familiar filesystem operations and standard tools (editors, grep, diff) to explore memory snapshots. -
9
ExifTool
ExifTool meta information reader/writer
...It is scriptable and composable, with options to operate recursively, write sidecars, preserve originals, or do dry runs for safety. Professionals rely on ExifTool for digital asset management, forensic workflows, and any pipeline where metadata quality and traceability matter. -
Financial reporting cloud-based software.The software is cloud based and automates complexities around consolidating and reporting for groups with multiple year ends, currencies and ERP systems with a slice and dice approach to reporting. While retaining the structure, control and validation needed in a financial reporting tool, we’ve managed to keep things flexible.
-
10
O-Saft
O-Saft - OWASP SSL advanced forensic tool
O-Saft is an OWASP project that offers an advanced SSL/TLS analysis tool. It provides detailed information about SSL certificates and tests SSL connections against specified cipher lists, aiding in the assessment of SSL/TLS configurations. -
11
claude-code-transcripts
Tools for publishing transcripts for Claude Code sessions
...The generated HTML includes interactive navigation and can optionally be published to GitHub Gists for sharing with collaborators or embedding in other documentation. It also supports including the raw session JSON alongside the transcript for forensic or archival purposes. -
12
HiddenVM
HiddenVM — Use any desktop OS without leaving a trace
If at any time Tails pushes an unexpected update, and HiddenVM is not yet updated for it, and you are stuck with a new Tails and no working HiddenVM version, you can re-download and temporarily use an earlier version of Tails until HiddenVM is updated. There are archived direct HTTP download mirrors of Tails images, archived official torrents with PGP signatures, or third-party archives at linuxtracker.org or fosstorrents.com, etc. (Always verify third-party torrents with archived official... -
13
CompForTest
Computer Forensic Testing Code and Data
There seems to be a shortage of test data to verify that forensic analysis tools work as expected. This project creates such test data, along with instructions/suggestions for how to perform the tests. -
14
C99 Shell
Powerful and classic PHP web shell
...This tool is widely used by security professionals to understand how unauthorized scripts operate and to strengthen server defenses. Use C99 Shell responsibly in a secure environment for testing or forensic analysis only. -
15
key-elf
Forensic tool to recover lost BTC private keys.
A powerful utility to hunt down Bitcoin private keys from deleted wallet.dat files or damaged hard drives. If you accidentally deleted your Bitcoin Core wallet or formatted your disk, this tool can help. It bypasses the file system and scans the raw data directly, looking for the unique "fingerprint" (ASN.1 signature) of Bitcoin private keys to recover them from the digital wreckage.The Graphical User Interface (GUI) is the advanced/premium version. If needed, please visit:... -
16
Cyrethium
Cyrethium GNU/Linux Debian Based Privacy and Security Focused OS
This project is no longer maintained. Using it may be unsafe due to outdated kernel/packages !!!! Cyrethium is a Debian-based Linux distribution focused on privacy and security. It can route all incoming and outgoing internet traffic through the Tor network. DNSCrypt-Proxy and I2P Router are pre-configured. It provides strong protection against browser attacks with custom hardened Firefox variants. The distribution hosts a wide range of tools designed from scratch for Cyrethium and... -
17
Adaptive Intelligence
Adaptive Intelligence also known as "Artificial General Intelligence"
Adaptive Intelligence is the implementation of neural science, forensic psychology , behavioral science with machine-learning and artificial intelligence to provide advanced automated software platforms with the ability to adjust and thrive in dynamic environments by combining cognitive flexibility, emotional regulation, resilience, and practical problem-solving skills. -
18
recovery is a Live DVD/USB which aims troubleshooting, disk partitioning, system rescue, backup , restore data and desktop. This is a customized version of Debian Live. It contains : GParted, Clonezilla, Boot-Repair, LibreOffice and a lot of tools like ddrescue, Nwipe, TestDisk, DejaDup and many more version 2.4 - 19 September 2025 recovery is now modular in design, meaning programs can be installed simply by double clicking on module files. add modules : - borg 1.4.1 - calibre...
-
19
Dolphin-DVR-Pro
Professional CCTV DVR data recovery software.
Many new users wish to learn more about the features of Dolphin CCTV DVR data recovery software. Users can learn this actually by using the DVR recovery trial software. Here is a proven list of Dolphin DVR features: -
20
Chronolabs Cooperative
Superior Chronologistics ~ Transmultiversity organisation at home+out!
The Chronolabs cooperative has been operating from Sydney and around Australia from June 2006, we have and offer both closed and open source solutions to both the website consumer (Someone who needs a website) which can be either Person, Business or Government we also offer some Scientific testing and forensic systems as well as study broader topics away from web-design, the internet that are Boarder-line in this industry and beyond. Starting as a small start-up in 2006, Chronolabs has gone from strength to strength in supporting the Open Source community, namely XOOPS (see: http://xoops.org/) which was adopted by Chronolabs as a lot of the programmers from our community of developing this period was new to languages like PHP and LAMP Stack and XOOPS being OOP CI which is used in all VS and VS.NET it was the ideal choice for in-depth analysis and learning these open control mechanism coming from a Visual Studio and Visual Studio .NET -
21
q4rescue
A live linux Rescue toolkit/Emergency OS - based on q4os Trinity
A live linux system rescue toolkit based on q4os Trinity available as a bootable iso for administrating, repairing and cloning/restoring your system and data. Check wiki for full description : https://sourceforge.net/p/q4rescue/wiki/ Main tools: -Foxclone -Rescuezilla -Clonezilla -DDrescue-gui -qtfsarchiver -G4L -Apart -Testdisk -Photorec -Boot Repair -WoeUSB -Q4OS imager -UNetbootin -usbimager -Kdirstats -Kdiskmark -Rclone & Rclone... -
22
JakiKaliOS
JakiKaliOS V.0.01 is a LiveRAM Debian distribution based on Kali Linux
JakiKaliOS is a LiveRAM Linux distribution based on Kali Linux, designed for cybersecurity professionals, ethical hackers, forensic analysts, and laboratory environments. The system runs entirely in RAM by default, leaving no disk footprint and providing fast, clean, and temporary work sessions ideal for security testing and controlled operations. JakiKaliOS includes a lightweight XFCE desktop optimized for performance and low resource usage, suitable for virtual machines, VPS consoles, and bare metal systems. ... -
23
Linux Engineer Toolkit Live
Portable Linux engineer toolkit for recovery, repair & data rescue
Linux Engineer Toolkit (LengToolkit) Live is a specialized, recovery-oriented Linux distribution designed for system engineers and IT professionals. Operating exclusively in Live mode, it provides a robust environment to rescue failing systems, recover lost data, and manage disk infrastructures without the need for installation. -
24
sentinel
Sentinel is a filesystem-backed document DBMS written in Rust.
Sentinel is a filesystem-backed document DBMS built in Rust that prioritizes compliance, transparency, and auditability over raw performance. Unlike traditional databases, every document is a plain JSON file, making your data immediately forensic-friendly and Git-versionable. Perfect for regulated industries requiring GDPR, SOC 2, HIPAA, or PCI-DSS compliance. Sentinel provides async operations with automatic BLAKE3 hashing and optional Ed25519 signatures for cryptographic integrity. Data encryption supports AES-256-GCM, XChaCha20-Poly1305, and Ascon-128. Each document includes full audit metadata—creation timestamps, version history, hashes, and signatures—viewable with standard UNIX tools. ... -
25
WTE
Forensic Windows Triage Environment
* Files are compressed and ENCRYPTED so are identified as "Malware" by Sourceforge. Criminal Investigators auxiliary in conducting investigations on computer systems. WTE is an easy to use, integrated forensic system that enables an investigator to safely image, preview and analyze internal hard drives (DeadBox), and also to conduct live forensics (LiveBox) or data recovery, using their tool(s) of choice. Safely and Easily Search and Triage with no need to disassemble computers or laptops, or to use physical write-blockers or any heavy and expensive forensic station. ...
