dissect
Forensic analysis toolset
A digital forensics framework that provides tools and parsers to analyze forensic artefacts from various disk and file formats.
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).
924 stars
22 watching
65 forks
last commit: 8 days ago
Linked from 2 awesome lists
dfirdissectpython
meirwah/awesome-incident-response
cugu/awesome-forensicsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| fox-it/dissect.xfs | A parser for the XFS file system used by RedHat Linux distributions. | 2 |
| fox-it/dissect.target | Provides a programming API and command line tools to access various data sources inside disk images or file collections. | 44 |
| fox-it/dissect.fat | A module implementing parsers for FAT and exFAT file systems used on flash memory storage devices | 2 |
| fox-it/dissect.sql | A Dissect module implementing parsers for the SQLite database file format. | 6 |
| fox-it/dissect.archive | A Dissect module implementing parsers for various archive and backup formats. | 0 |
| fox-it/dissect.ffs | A Dissect module implementing a parser for the FFS file system | 2 |
| fox-it/dissect.executable | A module implementing parsers for various executable file formats. | 0 |
| fox-it/dissect.util | A utility module providing pure Python implementations of decompression algorithms and supporting multiple compression formats | 3 |
| fox-it/dissect.jffs | A Dissect module implementing a parser for the JFFS2 file system used in router operating systems. | 0 |
| fox-it/dissect.vmfs | A Python module implementing a parser for the VMFS file system used by VMware virtualization software. | 3 |
| fox-it/dissect.clfs | A parser module for the CLFS file system of Windows. | 5 |
| fox-it/dissect.esedb | An implementation of a parser for Microsofts Extensible Storage Engine Database | 18 |
| fox-it/dissect.volume | A Python module implementing parsers for various disk volume and partition systems | 3 |
| fox-it/dissect.cstruct | A parser for C-like structures in Python | 40 |
| fox-it/dissect.squashfs | A Dissect module implementing a parser for the SquashFS file system. | 0 |