Digital Forensics Artifacts Repository
A free, community-sourced, machine-readable knowledge base of digital forensic artifacts that can be used as an information source and within other tools. The artifacts are in YAML format, and Python code is used for validation. For more information, visit the project documentation at: https://artifacts.readthedocs.io/en/latest. Contributions are welcome via the developers guide or by contacting forensicartifacts@googlegroups.com. Join the Artifacts channel of Open Source DFIR Slack for discussions.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Documentation project for Digital Forensics Artifact Repository
Comprehensive suite for advanced file analysis and software supply chain security.
Truehunter is a tool designed to detect encrypted containers with a focus on Truecrypt and Veracrypt, utilizing a fast and memory efficient approach.
A portable volatile memory acquisition tool for Linux.
A tool that uses Plaso to parse forensic artifacts and disk images, creating custom reports for easier analysis.
ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.