File Analysis

A command-line utility to show and change EXIF information in JPEG files

A command-line string extraction utility for digital forensics that supports ASCII and Unicode string extraction from files and directories with pattern matching and filtering capabilities.

Laika BOSS is a scalable object scanner and intrusion detection system that extracts child objects, applies security flags, and generates metadata from files for security analysis.

Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.

FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.

A VMware image for penetration testing purposes

A full python tool for analyzing Android files with various functionalities.

A new age tool for binary analysis that uses statistical visualizations to help find patterns in large amounts of binary data.

A static analysis framework for extracting key characteristics from various file formats

A command-line tool for analyzing and extracting detailed information from Windows Portable Executable (PE) files.

A tool for creating compact Linux memory dumps compatible with popular debugging tools.

Official repository of YARA rules for threat detection and hunting

A tool for reverse engineering Android apk files.

A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.

A modular tool for collecting intelligence sources for files and outputting in CSV format.

A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.

A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.

UPX is a high-performance executable packer for various executable formats.

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

A Golang application that stores and queries NIST NSRL Reference Data Set for MD5 and SHA1 hash lookups using Bolt database technology.

A Python tool for in-depth PDF analysis and modification.

TestDisk checks disk partitions and recovers lost partitions, while PhotoRec specializes in recovering lost pictures from digital camera memory or hard disks.