Rapidly Search and Hunt through Windows Forensic Artefacts

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

operative framework is a rust investigation OSINT framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

CLI tools for forensic investigation of Windows artifacts

A cross platform parser for Apple UnifiedLogs!

Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.

Wipe files and drives securely with random ASCII dicks

Find multi-byte-encoded strings in binary data (Gitlab mirror).

Search Index Database Reporter

A small util to brute-force prefetch hashes

RAIR: RAdare In Rust

Hunt down social media accounts by username across social networks

Forensic tool to read all installed packages from a mounted Arch Linux drive and compare the filesystem to a trusted source

ELEGANTBOUNCER is a detection tool for file-based mobile exploits.

Forensic framework to build tools that can be reused in multiple projects without changing anything

This aims to be a collection of tools to forensically analyze Active Directory databases

Library to handle the files in zff format (file format to store and handle forensic acquisitions).

tamper resistant audit log

Aralez is a triage tool for Windows that automates the collection of system information, network/process data, and files from NTFS.

eBPF based memory dumper for linux systems