Skip to content

@sleuthkit The Sleuth Kit

Change the repository type filter

All

    Repositories list

    18 repositories

    • sleuthkit

      Public
      The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
      incident-responseforensicsntfssleuthkittct
      C
      6082.6k33726Updated Nov 6, 2024Nov 6, 2024

    • sleuthkit_test_data

      Public
      Holds images and other test data for sleuthkit
      0000Updated Oct 18, 2024Oct 18, 2024

    • autopsy

      Public
      Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
      forensicsjava
      Java
      5962.4k34913Updated Sep 17, 2024Sep 17, 2024

    • scalpel

      Public
      Scalpel is an open source data carving tool. It is not being actively maintained.
      Shell
      99627324Updated Mar 27, 2024Mar 27, 2024

    • governance

      Public
      0000Updated Mar 25, 2024Mar 25, 2024

    • autopsy_addon_modules

      Public
      Repo to store compiled modules or links to 3rd party add-on modules.
      Python
      13244320Updated Mar 8, 2024Mar 8, 2024

    • sevenzipjbinding

      Public
      7-Zip-JBinding
      C++
      Other
      51000Updated Nov 24, 2020Nov 24, 2020

    • yara-java

      Public
      Java bindings for Yara
      C
      Apache License 2.0
      25000Updated Oct 23, 2020Oct 23, 2020

    • libewf_64bit

      Public
      Copy of the libewf source code that is configured for a 64-bit MS Visual Studio build.
      C
      GNU Lesser General Public License v3.0
      271520Updated Aug 17, 2020Aug 17, 2020

    • libvmdk_64bit

      Public
      64-bit / VS 2015 version of libvmdk (https://github.com/libyal/libvmdk)
      C
      13500Updated Aug 12, 2020Aug 12, 2020

    • libvhdi_64bit

      Public
      64-bit / VS 2015 version of libvhdi (https://github.com/libyal/libvhdi)
      C
      GNU Lesser General Public License v3.0
      15500Updated Aug 12, 2020Aug 12, 2020

    • libewf-legacy

      Public
      Legacy version of libewf
      C
      GNU Lesser General Public License v3.0
      5100Updated Aug 11, 2020Aug 11, 2020

    • libvmdk

      Public
      Library and tools to access the VMware Virtual Disk (VMDK) format
      C
      GNU Lesser General Public License v3.0
      65400Updated Aug 10, 2020Aug 10, 2020

    • Autopsy-WindowsRegistryContentViewer

      Public archive
      Willi Ballenthin's module to view the registry as a content viewer. This has been moved into part of the core Autopsy release and is no longer needed as an add-on module.
      Java
      Apache License 2.0
      13800Updated Sep 6, 2019Sep 6, 2019

    • Autopsy-WindowsRegistryIngestModule

      Public
      Will Ballenthin's module to extract all registry key/values as files during ingest. He is no longer maintaining it and we made some minor updates.
      Java
      Apache License 2.0
      10600Updated Feb 15, 2019Feb 15, 2019

    • JavaStixBindings

      Public
      We needed some jaxb bindings for STIX for an Autopsy module. This is temporary code until the official MITRE Java bindings are published.
      Java
      Other
      2400Updated Jan 30, 2015Jan 30, 2015

    • sleuthkit.github.com

      Public
      website
      1300Updated May 2, 2014May 2, 2014

    • hadoop_framework

      Public
      This is a prototype system that uses Hadoop to process hard drive images.
      Java
      215110Updated Oct 1, 2012Oct 1, 2012