A list of free and open forensics analysis tools and other resources

Collaborative Incident Response platform

macOS forensic acquisition made simple

macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR

C# Library and research notes for Windows 11 Notepad State Files

A collection of PowerShell scripts for analyzing macOS Forensic Artifacts

Automatically create iSCSI targets for all drives except for a boot device

Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersecuritynews.com/windows-event-log-analysis/, to quickly highlight key forensic artifacts.

Digital Forensics Essentials (DFE)

Reverse Engineering the Tabstate files for Windows Notepad

Decryption tool for LockMyPix android app

DFLER: Drone Flight Log Entity Recognizer to Support Forensic Investigation on Drone Device

Linux last-logon forensic auditing from the binary lastlog database.

A zero-dependency, open-source CLI tool for digital forensics and backups. Built for security researchers and sysadmins to streamline data extraction, metadata analysis, and rapid file recovery.

A tool that detects files and directories that may be hidden by trojan and rootkits on Unix platforms

A digital forensics educational game to promote the procedures carried out within a digital investigation - created using Godot

Production-ready Multimodal Lip Sync Detection & Deepfake Detection System. Detects audio-video synchronization mismatches using deep learning (PyTorch) with a scalable FastAPI-based inference pipeline. Optimized for real-time processing,low false positives, and robust performance on noisy speech segments. Built for video forensics,synthetic media

Binary Analysis of a Saved Notepad Tab

VMDetect is a Python based Windows VM detection and environment forensics tool that reads ACPI/SMBIOS firmware tables and system artifacts to expose virtual machines, even if people try to hide them!