dff
Forensic tool
A framework for automating digital forensic analysis and incident response
DFF (Digital Forensics Framework) is a forensics framework with command-line and graphical interfaces. It can be used to investigate hard drives and volatile memory and to create reports about user and system activities.
274 stars
29 watching
57 forks
Language: Python
last commit: almost 5 years ago
Linked from 1 awesome list
Related projects:
Repository | Description | Stars |
---|---|---|
msuhanov/dfir_ntfs | A digital forensics tool for parsing and analyzing NTFS/FAT file systems. | 192 |
travisfoley/dfirtriage | A digital forensic tool designed to gather and analyze data from Windows-based systems in incident response scenarios. | 334 |
teamdfir/sift | A suite of tools and images for building and managing digital forensics environments on AWS | 493 |
sshock/afflibv3 | A comprehensive file format and tool suite for storing and analyzing digital evidence in forensic investigations. | 80 |
fox-it/dissect | A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats. | 931 |
coinbase/dexter | A forensics acquisition framework for secure and extensible digital evidence collection and analysis. | 125 |
anssi-fr/dfir4vsphere | A PowerShell module for collecting logs and forensics data from VMware vSphere environments. | 141 |
diogo-fernan/ir-rescue | A tool for comprehensively collecting host forensic data during incident response and analysis. | 466 |
dfir-iris/iris-web | A collaborative incident response platform allowing technical details to be shared during investigations | 1,086 |
dissectmalware/officeforensictools | A Python-based collection of tools for gathering forensic information from Office documents | 26 |
netflix-skunkworks/diffy | An incident response tool that helps digital forensics teams analyze and prioritize suspicious hosts in cloud environments | 635 |
google/turbinia | Automates and scales digital forensic processing workflows to handle large amounts of evidence in the cloud. | 752 |
dolevf/graphw00f | A tool to identify and analyze the underlying technology behind a GraphQL endpoint. | 582 |
homeport/dyff | A tool that compares two versions of files and shows the differences. | 1,328 |
ydkhatri/mac_apt | A digital forensics tool for analyzing macOS and iOS systems | 786 |