This website uses its own and third party cookies to collect information that helps to optimize your visit to their web pages. Cookies will not be used to collect personal information. You can either allow or reject their use. You can also change their settings at any time. You will find more information on our Cookie Policy page.


DS4N6 Tools

Visit our Github at:


Tool Version Status Release Date Download / Install Documentation Description
CHRYSALIS 0.7.1 Alpha / Beta 07/06/22 Download / Install Documentation Framework that provides an easy way to ingest forensic tool output (plaso, kape, kansa, volatility, etc.) in Jupyter and perform multiple types of Data Science and Machine Learning analysis.
DAISY 0.6 Alpha / Beta 07/06/22 Download / Install Documentation DAISY (DFIR Data Science & AI) is a Virtual Machine designed to carry out Data Science and Machine/Deep Learning Analysis on DFIR data
ADAM 0.1 In Preparation Expected: Q4 '21 - - The DS ADversAry eMulator allows you to define a sequence of malicious artifact data and inject it in the multiple Artifact-specific DataFrames.
This allows you to test your detection capabilities by mimicking real attacks, all in a “virtual” DataFrame environment.
D4ML 0.1 In Preparation Expected: May '21 - - D4ML are the DS4N6 extensions for Machine Learning, i.e. easy-to-use ML functions that you can apply to your artifact-specific dataframes to, for instance, detect anomalies which may correspond to malicious events.

The below projects are not actually tools, but are used by our tools (we will probably move this to some other section of the website soon, but here it is for now).

Project Version Status Release Date Description
HAM 0.1 Alpha TBD The Harmonized Artifact Model (HAM) is a model that harmonizes the output of different forensic tools so the underlying artifact data has the same format regardless of the tool that generated it.