Faster & Better Way to analyze the EML Files
Updated
Apr 4, 2023 - Python
A Python/Boto3 script that shuts down a selected instance, detaches the instance, generates a snapshot volume, and then attaches and mounts both volumes to a workstation
This tool monitors Velociraptor's syslog messages for specific actions performed by users within the Velociraptor DFIR platform. When certain patterns are detected, it sends detailed email notifications to designated recipients, providing enhanced visibility into user activities and potential security events.
Binalyze AIR and Carbon Black Cloud Integration
Confirm file type by matching the magic signature ("number").
CrowdStrike API Client Library
A Python2 GUI tool to automate memory dump analysis using Volatility 2.6.1. It allows users to load memory files, automatically detects the correct profile with imageinfo, and runs common forensic commands. Results are organized into case folders for easy review.
A forensic tool that uses file metadata to eliminate false-positive system-artifact entries and make a decision.
OpenRelik ertools worker
A GUI tool that makes steganography analysis easy by putting various steganography tools in one place
Collaborative Forensic Collections Manager
A forensic command-line tool for deep analysis of PDF files
Ingest and query NIST NSRL Reference Data Sets in Elasticsearch with Python tools and libraries.
osquery_hunter is a lightweight, Python-based triage helper for Windows systems. It uses osquery to enumerate running processes, network sockets, and signatures — helping analysts quickly spot unsigned or suspicious binaries. Ideal for DFIR, incident response, and blue-team investigations in environments without full EDR coverage.
Create a timeline of files in a folder.
Recover and decode unsaved Windows Notepad binary files into readable notes
Minimalist Collaborative Malware DB Management
Splits a URL into its individual components, unescapes arguments, and performs light calculations for manual or automated analysis
TruxTrace is a Linux user simulation tool that emulates realistic command-line behavior for single and multiple users. It’s designed for learning, testing, and digital forensics, generating artifacts like logs and histories to replicate real-world usage scenarios.