This project provides documentation accompanying Digital Forensics Artifact Repository. Scripts and Digital Forensics Artifact knowledge base (artifactsrc) are intended to help maintain the knowledge base. If you want to contribute a description of an artifact definition, please use the Template. The goal is to describe artifacts, not to provide a repository of tools. Contact forensicartifacts@googlegroups.com for more information.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A library to access the Windows New Technology File System (NTFS) format with read-only support for NTFS versions 3.0 and 3.1.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
A digital forensics tool that provides read-only access to file-system objects from various storage media types and file formats.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.