dff

Forensic tool

A framework for automating digital forensic analysis and incident response

DFF (Digital Forensics Framework) is a Forensics Framework coming with command line and graphical interfaces. DFF can be used to investigate hard drives and volatile memory and create reports about user and system activities.

GitHub

276 stars
29 watching
56 forks
Language: Python
last commit: almost 5 years ago
Linked from 1 awesome list


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
msuhanov/dfir_ntfs A digital forensics tool for parsing and analyzing NTFS/FAT file systems. 196
travisfoley/dfirtriage A digital forensic tool designed to gather and analyze data from Windows-based systems in incident response scenarios. 335
teamdfir/sift A suite of tools and images for building and managing digital forensics environments on AWS 494
sshock/afflibv3 A comprehensive file format and tool suite for storing and analyzing digital evidence in forensic investigations. 81
fox-it/dissect A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats. 939
coinbase/dexter A forensics acquisition framework for secure and extensible digital evidence collection and analysis. 126
anssi-fr/dfir4vsphere A PowerShell module for collecting logs and forensics data from VMware vSphere environments. 143
diogo-fernan/ir-rescue A tool for comprehensively collecting host forensic data during incident response and analysis. 466
dfir-iris/iris-web A collaborative platform for incident responders to share technical details during investigations 1,091
dissectmalware/officeforensictools A Python-based collection of tools for gathering forensic information from Office documents 26
netflix-skunkworks/diffy An incident response tool that helps digital forensics teams analyze and prioritize suspicious hosts in cloud environments 635
google/turbinia Automates and scales digital forensic processing workflows to handle large amounts of evidence in the cloud. 754
dolevf/graphw00f A tool to identify and analyze the underlying technology behind a GraphQL endpoint. 587
homeport/dyff A tool that compares two versions of files and shows the differences. 1,338
ydkhatri/mac_apt A digital forensics tool for analyzing macOS and iOS systems 790