dissect
Forensic analysis toolset
A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats.
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).
939 stars
22 watching
67 forks
last commit: about 1 month ago
Linked from 2 awesome lists
dfirdissectpython
meirwah/awesome-incident-response
cugu/awesome-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| fox-it/dissect.xfs | A Dissect module implementing a parser for the XFS file system, commonly used by RedHat Linux distributions. | 2 |
| fox-it/dissect.target | Provides a programming API and command line tools to access various data sources inside disk images or file collections. | 48 |
| fox-it/dissect.fat | A Dissect module implementing parsers for FAT and exFAT file systems. | 2 |
| fox-it/dissect.sql | An implementation of the SQLite database file format parser in Python. | 6 |
| fox-it/dissect.archive | Parses various archive and backup formats using Python | 0 |
| fox-it/dissect.ffs | A Dissect module implementing a parser for the FFS file system used in BSD operating systems | 2 |
| fox-it/dissect.executable | A Python module providing parsers for various executable formats like PE, ELF, and Macho-O. | 0 |
| fox-it/dissect.util | Provides utility functions and decompression algorithms for other Dissect modules. | 3 |
| fox-it/dissect.jffs | A Dissect module implementing a parser for the JFFS2 file system used in router operating systems. | 0 |
| fox-it/dissect.vmfs | A Dissect module parsing VMFS file system structure and layout | 3 |
| fox-it/dissect.clfs | A Dissect module implementing a parser for the CLFS file system of Windows | 5 |
| fox-it/dissect.esedb | A Dissect module implementing a parser for a specific Microsoft database format used in various enterprise systems. | 18 |
| fox-it/dissect.volume | A parser module for various disk volume and partition systems | 3 |
| fox-it/dissect.cstruct | A parser for C-like structures in Python | 43 |
| fox-it/dissect.squashfs | A parser for the SquashFS file system used in appliance or device firmware | 0 |