0xM4R7YR/DigitalForensicsTool

📌 Overview

The Ultimate Digital Forensics & Network Security Tool is a powerful Python-based forensic application built using PyQt5. It combines packet capture, Nmap scanning, file hashing, hidden file detection, VirusTotal integration, and advanced network analysis with visualizations.

🚀 Features

🛡️ Network & Security Tools

  • 📡 Packet Capture: Capture live network traffic and analyze packets.
  • 🕵️ Advanced Nmap Scanning:
    • Quick Scan
    • Advanced Scan (OS detection, services, vulnerabilities)
    • Custom Scan (User-defined options)
    • 📊 Visual Analysis:
      • Open Ports Analysis
      • IP Distribution Graphs
      • Network Topology Mapping
    • 📋 Tabular Results: Structured scan results in a readable format.

📂 File Forensics

  • 🔑 File Hashing: Compute and verify file integrity using SHA-256.
  • 🔎 Hidden File Search: Identify hidden and suspicious files.
  • 🦠 VirusTotal Integration: Check file hashes against the VirusTotal database.

📊 Graphs & Visualizations

  • Open Port Distribution
  • IP Address Activity
  • Packet Capture Summary
  • Nmap Scan Statistics

πŸ—οΈ Installation

πŸ”§ Requirements

Ensure you have Python 3.8+ installed.

πŸ“₯ Install Dependencies

pip install PyQt5 matplotlib requests scapy python-nmap

🐧 Linux Users

For full functionality, install Nmap:

sudo apt install nmap

For packet capture, install Wireshark/TShark:

sudo apt install wireshark tshark

πŸƒβ€β™‚οΈ Usage

πŸ”Ή Running the Tool

Run the Python script:

python main.py

🌐 Running Nmap Scans

  • Click Quick Scan for a fast port scan.
  • Click Advanced Scan for OS and service detection.
  • Click Custom Scan, enter your Nmap options (e.g., -sS -p 80,443 192.168.1.1), and execute.

📡 Packet Capture

  • Click Start Capture to begin monitoring traffic.
  • Click Stop Capture to save packets.
  • View packet details in the GUI.

📂 File Forensics

  • Select a file for SHA-256 hashing.
  • Run a hidden file search.
  • Scan a file's hash with VirusTotal.
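
The hashing and hidden file search steps above can be sketched as follows. This is an added example, not code from the DigitalForensicsTool repository; the function names are hypothetical, and "hidden" is assumed to mean the Linux dot-prefix convention.

```python
import hashlib
import hmac
import os
import sys


def sha256_file(path, chunk_size=1 << 16):
    """Hash a file in fixed-size chunks so large evidence files never sit fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_file(path, expected_hex):
    """Compare against a recorded digest, tolerating case and surrounding whitespace."""
    return hmac.compare_digest(sha256_file(path), expected_hex.strip().lower())


def hidden_file_inventory(root):
    """Return {relative_path: sha256} for hidden regular files under root.

    Assumption: a file is hidden when its name, or any directory between
    root and the file, starts with a dot.
    """
    inventory = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        rel_dir = os.path.relpath(dirpath, root)
        in_hidden_dir = any(
            part.startswith(".") for part in rel_dir.split(os.sep) if part != "."
        )
        for name in filenames:
            full = os.path.join(dirpath, name)
            # Skip symlinks so a link cannot pull in content from outside root.
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            if in_hidden_dir or name.startswith("."):
                inventory[os.path.relpath(full, root)] = sha256_file(full)
    return inventory


if __name__ == "__main__":
    # Usage: python hidden_inventory.py [directory]; prints "<sha256> <path>" lines.
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, digest in sorted(hidden_file_inventory(target).items()):
        print(digest, rel)
```

The digests in the returned inventory are the values a VirusTotal hash lookup would take as input.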

📊 Viewing Graphs

  • Click Show Open Ports Graph to analyze port distribution.
  • Click Visualize IP Distribution for network insights.

🔥 Screenshots

📊 Network Scan Graph

📌 Main Interface

🛠️ Advanced Customization

🛡️ Security & Privacy Considerations

  • Packet capturing requires administrative privileges.
  • Nmap scans may trigger firewall alerts.
  • VirusTotal API should be used responsibly (consider rate limits).

πŸ—οΈ Future Enhancements

  • πŸ“Œ Real-time Threat Detection
  • πŸ“Œ Database Integration for Scan Logs
  • πŸ“Œ Automated Malware Analysis

πŸ“œ License

MIT License. Free to use but do not distribute or sell without permission.

Developed by Muhammad Essam πŸ›‘οΈ | CapitalAbuEssam

About

A digital forensics tool created for Kali Linux
