The Modular Digital Forensics Toolkit
A professional-grade digital forensics toolkit designed for efficiency, modularity, and comprehensive analysis capabilities. Built with modern Python practices and extensive testing.
📚 Documentation Hub
- Quick Start Guide - Get started in minutes
- Installation Guide - Detailed setup instructions
- Usage Guide - Command reference and examples
- Development Roadmap - Future plans and features
- Security Policy - Security considerations
- Threat Model - Security architecture
- Test Coverage - Quality metrics
- Code of Conduct - Community guidelines
🔍 Analysis Capabilities
- Advanced memory dump analysis (strings, IOCs, processes)
- File/directory hashing (MD5, SHA1, SHA256)
- File carving with ML support (PE, ELF, JPG, PNG, PDF)
- Deep metadata extraction with exiftool integration
- Comprehensive timeline generation
- Live system analysis capabilities
- Disk image mounting
- LiveOps (live system collection)
artefact hash test/text.txt --algorithm md5
artefact carve -i disk.img -o output --types jpg
artefact meta -f sample.jpg --deep
artefact timeline "C:\Users\HRISHI\Documents\*" --format markdown
artefact mount -i disk.img --list
artefact memory -i memdump.raw --strings
artefact liveops --collect processes networkMIT License. See LICENSE.
See CONTRIBUTING.md
For full details, see the docs above.