Forensix is a beginner-friendly, GUI-based digital forensics tool built with Python and Tkinter. It allows users to collect and export forensic data from a Windows system, including running processes, installed applications, active network connections, and browser history. The interface features a dark theme, a modern layout, and a simple, intuitive button-based control system.
- Collect running processes with PID, name, and user information
- List installed applications from the Windows Registry
- Display active network connections (IPv4/IPv6)
- Extract browser history from a selected SQLite file (e.g., Chrome)
- Export all collected data as an
.rtfdocument with formatting - Customize your ui with the new customization system
All collected data is saved automatically at:
C:\Users\<YourUser>\Desktop\Forensix\RESULTS\forensics_report.txt
To analyze browser history, select a valid SQLite file. For Chrome, it’s usually:
C:\Users\<YourUser>\AppData\Local\Google\Chrome\User Data\Default\History
⚠ Ensure the browser is closed before selecting the file to avoid read permission errors.
- Python 3.x
- Install required library:
pip install psutil
pip install sqlite3
pip install platform
pip install tkinter
pip install os
pip install datetime- Clone or download this repository
- Run the script using:
python3 forensix.py- Clone or download this repository
- Run the forensix.exe
This tool is intended for educational and forensic research purposes only.
Use it responsibly and only with proper authorization.
Sorry Linux users, Forensix does not yet support Linux in this version😔.
- Linux Terminal Suport
- UI Improvement
- Customization System
Developer: BABY
Version: Imperium (1.3.0)
Forensix - A Digital Forensics Tool
Made by BABY
Version Imperium (1.3.0)
------------------------------------