Stars
A Volatility plugin to extract credentials from the memory of an OpenVPN client.
Volatility Framework plugin for extracting BitLocker FVEK (Full Volume Encryption Key)
UI for forensic filtering of filesystem MAC times.
anarchivist / fido
Forked from openpreserve/fido
Format Identification for Digital Objects (FIDO) is a command-line tool to identify the file formats of digital objects. It is designed for simple integration into automated work-flows.
Open source Python library for NTFS analysis
This is the development tree. Production downloads are at:
Digital Forensics Virtual File System (dfVFS)
Tool suite for inspecting NTFS artifacts.
Front-end package for memory capture and forensic tools
AFF is now being maintained at https://github.com/sshock/AFFLIBv3
It's a presentation framework based on the power of CSS3 transforms and transitions in modern browsers and inspired by the idea behind prezi.com.
Cross-platform, open-source shellbag parser
Cuckoo Sandbox is an automated dynamic malware analysis system
Pure Python parser for Windows Registry hives.
A framework that eases the use of the numerous forensic open source tools.
Tool to extract e-mail messages from Outlook Express DBX files.