DFTimewolf
DFTimewolf is a framework for orchestrating forensic collection, processing, and data export. It consists of collectors, processors, and exporters (modules) that pass data on to one another. The orchestration of modules is defined in predefined 'recipes'. Documentation is hosted on GitHub pages.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.
Automated collection tool for incident response triage in Windows systems.
A tool for fixing acquired .evt Windows Event Log files in digital forensics.
Tool used for dumping memory from Android devices with root access requirement and forensic soundness considerations.
Tool for parsing Android logs events and protobuf data
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
Malscan is a tool to scan process memory for YARA matches and execute Python scripts.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.