libqcow is a library to access the QEMU Copy-On-Write (QCOW) image file format. It supports read-only operations for QCOW versions 1, 2, and 3, with features including zlib (DEFLATE) compression, AES-CBC 128-bit encryption, and backing file (differential image). Currently in alpha status, the library is licensed under LGPLv3+ and has some unsupported features like LUKS encryption, data file, and in-image snapshots. The project is working towards thread-safety in file API functions.
FEATURES
ALTERNATIVES
iOSForensic is a Python tool for forensic analysis on iOS devices, extracting files, logs, SQLite3 databases, and .plist files into XML.
A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.
A community-sourced repository of digital forensic artifacts in YAML format.
Windows anti-forensics USB monitoring tool with the ability to shutdown the computer upon detecting the unplugging of a specified USB device.
A tool for extracting files from packet capture files with ease of use and extensibility for Python developers.
A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.
Recreates the File/Directory tree structure from an extracted $MFT file with detailed record mapping and analysis capabilities.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.