PyRank

Forensics Python Packages

Python packages with the GitHub topic forensics. Sorted by relevance, with stars and monthly downloads.
decalage2
oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

4.1M 3K 600
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

211K 14K 2K
sherlock-project
sherlock-project

Hunt down social media accounts by username across social networks

86K 83K 10K
williballenthin
python-evtx

Pure Python parser for Windows Event Log files (.evtx)

69K 772 167
volatilityfoundation
volatility3

Volatility 3.0 development

66K 4K 653
strayge
pylnk3

Python library for reading and writing Windows shortcut files (.lnk). Python 3 only.

60K 109 20
prowler-cloud
prowler-cloud

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

13K 14K 2K
mvt-project
mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

11K 12K 1K
google
turbinia

Automation and Scaling of Digital Forensics Tools

4K 790 169
jsharkey13
iphone-backup-decrypt

Decrypt an encrypted local iOS backup on Windows or MacOS

4K 372 58
rowingdude
analyzemft

analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.

4K 533 121
obsidianforensics
pyhindsight

Browser forensics tool for Google Chrome (and other Chromium-based browsers)

3K 1K 179
log2timeline
plaso

Super timeline all the things

3K 2K 414
iocx-dev
iocx

An extensible, deterministic static‑analysis engine that extracts high‑signal IOCs from PE binaries and text, built for SOC automation and modern threat‑analysis pipelines.

2K 20 5
den4uk
andriller

📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

1K 2K 252
nour833
stegoforge

The ultimate steganography and digital forensics toolkit. Hide and extract data across images, audio, video, documents, and network packets, or run 11 advanced detection engines to uncover hidden payloads.

1K 358 51
chapinb
chickadee

Yet another GeoIP resolution tool.

1K 8 1
plarv
plarv-argus-sdk

Active guardrail for AI training. Prevents crashes before they happen.

1K 0 0
PabloLec
recoverpy

Interactively find and recover deleted or :point_right: overwritten :point_left: files from your terminal

1K 2K 88
niftycode
imessage-reader

Fetch imessages from chat.db

1K 117 23
dogoncouch
logdissect

CLI utility and Python module for analyzing log files and other data.

1K 159 23
alephdata
msglite

Extracts emails and attachments saved in Microsoft Outlook's .msg files

1K 9 2
google
turbinia-api-lib

Automation and Scaling of Digital Forensics Tools

910 790 169
google
turbinia-client

Automation and Scaling of Digital Forensics Tools

773 790 169