PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Forensics Python Packages

Python packages with the GitHub topic forensics. Sorted by relevance, with stars and monthly downloads.
decalage2
oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

6.1M 3K 604
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

258K 14K 2K
sherlock-project
sherlock-project

Hunt down social media accounts by username across social networks

169K 86K 10K
williballenthin
python-evtx

Pure Python parser for Windows Event Log files (.evtx)

91K 773 167
strayge
pylnk3

Python library for reading and writing Windows shortcut files (.lnk). Python 3 only.

86K 110 21
volatilityfoundation
volatility3

Volatility 3.0 development

79K 4K 670
prowler-cloud
prowler-cloud

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

12K 14K 2K
mvt-project
mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

9K 13K 1K
jsharkey13
iphone-backup-decrypt

Decrypt an encrypted local iOS backup on Windows or MacOS

5K 378 60
log2timeline
plaso

Super timeline all the things

4K 2K 417
obsidianforensics
pyhindsight

Browser forensics tool for Google Chrome (and other Chromium-based browsers)

4K 1K 183
rowingdude
analyzemft

analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multiple formats.

3K 531 121
KD5RYN
pst-search

Local search engine for Outlook PST files. SQLite FTS5 + pst-extractor (Node). Reads PSTs libpff cannot.

2K 1 0
pcguest
atb-sdk

ATB bundle reader and verifier SDK

2K 0 0
google
turbinia

Automation and Scaling of Digital Forensics Tools

2K 790 171
nash-dir
diffinite

Forensic source-code comparison for IP litigation — Winnowing/MOSS fingerprints + courtroom-ready PDF reports (Bates numbering, evidence hashing). pip install diffinite

2K 0 0
google
turbinia-api-lib

Automation and Scaling of Digital Forensics Tools

2K 790 171
alephdata
msglite

Extracts emails and attachments saved in Microsoft Outlook's .msg files

1K 9 2
iocx-dev
iocx

An extensible, deterministic static‑analysis engine that extracts high‑signal IOCs from PE binaries and text, built for SOC automation and modern threat‑analysis pipelines.

1K 25 6
google
turbinia-client

Automation and Scaling of Digital Forensics Tools

1K 790 171
PabloLec
recoverpy

Interactively find and recover deleted or :point_right: overwritten :point_left: files from your terminal

1K 2K 88
den4uk
andriller

📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.

1K 2K 255
borjamoskv
cortex-persist

Cryptographic memory integrity, audit trails, and verifiable lineage for AI agents.

976 3 0
rgcsekaraa
metabeam

Metadata extraction for any file type: detect MIME from magic bytes, read EXIF/GPS, image/audio/video tags, PDF info, archive contents, hashes, and entropy.

908 1 0
    • Data from PyPI, GitHub, ClickHouse, and BigQuery