
python-haystack is a heap analysis framework focused on searching and reversing C structures in allocated memory. The first function/API is the SEARCH function. It…

BigBrainSecurity/cleanMFT.py filters master file tables and makes them more bearable to deal with. The primary use of the program is to import a text file…

‘lifer’ is a Windows or *nix command-line tool inspired by the whitepaper ‘The Meaning of Link Files in Forensic Examinations’ by Harry Parsonage and available…

Changelog Operative v1.0b: + Generate new module file for developers + Campaign function + Import of ‘export module’ + JSON export module + XML export…

Changelog PytheM v0.6.7: + ARP spoofing improved. + History completer for session. + Adding more command-line help messages. + HTTP sniffer updated. + SSLKill as…

pom-ng is a network forensics tool that parses network traffic from files, network interfaces and others, and allows you to get any information you wish…

logdissect is a tool for gaining insight into syslog files. It can merge multiple log files together and sort by timestamp, and filter the results…

PassiveDNS is a tool to collect DNS records passively to aid incident handling, Network Security Monitoring (NSM) and general digital forensics. PassiveDNS sniffs traffic from…