forensic-analysis
Here are 301 public repositories matching this topic...
⭐️ A curated list of awesome forensic analysis tools and resources
- Updated Nov 23, 2025
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
- Updated Jan 4, 2024 - Python
A list of free and open forensics analysis tools and other resources
- Updated Apr 20, 2025
❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
- Updated Mar 28, 2022 - Python
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
- Updated Nov 16, 2025
APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity
- Updated Nov 7, 2024 - Python
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
- Updated Dec 13, 2022 - Python
Collaborative Incident Response platform
- Updated Nov 21, 2025 - Python
WhatsApp Parser Toolset v1.59
- Updated Dec 11, 2025 - Python
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modifies attributes. This also includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.
- Updated Nov 27, 2023 - HTML
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
- Updated Nov 5, 2023 - PowerShell
Awesome list of digital forensic tools
- Updated Nov 16, 2020
Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress!
- Updated Aug 13, 2024
CLI tools for forensic investigation of Windows artifacts
- Updated Jul 21, 2025 - Rust
A collection of tools for forensic analysis
- Updated Sep 12, 2019 - Python
A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Tools) Kape, Axiom, Hayabusa, Chainsaw and Nirsoft into a unified timeline.
- Updated Nov 6, 2025 - C#
Forensic toolkit for iOS sysdiagnose feature
- Updated Dec 16, 2025 - Python
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow Red Team members to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team members can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely u…
- Updated Aug 4, 2018 - Python