Skip to content
/ h3llo_forensics_tool Public

H3LLO is a forensic tool developed in Python for Windows systems, designed for information security professionals and digital forensic analysts. This tool automates the collection of critical system and network data, providing comprehensive analysis with real-time visualization of progress.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mrfelpa/h3llo_forensics_tool

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
h3llo.py
h3llo.py
 
 

Repository files navigation

Key Features

  • Automated collection of system information
  • Detailed analysis of network configuration
  • Real-time visualization of progress using Rich
  • Complete logging of all operations
  • Export results in JSON format
  • Built-in network scanner for active host detection

h3llo

System Requirements

  • Windows 7 or higher
  • Python 3.7+
  • Administrator privileges for some features

Use

  • Basic Syntax

    python h3llo.py [--subnet SUBNET] [--output OUTPUT_FILE] [--log LOG_FILE]

Parameters

--subnet: Defines the subnet to scan (ex: 192.168.1)

--output: Sets the output file for the results (default: forensic_results.json)

--log: Sets the log file location (default: forensic_scan.log)

Usage Example

    python h3llo.py --subnet 192.168.1 --output results/analysis_forense.json

Output Structure

  • The tool generates a JSON file with the following structure:

        {
        "timestamp": "2024-10-07T10:00:00",
        "system_info": {
            "Hostname": "...",
            "System Info": "...",
            ...
        },
        "network_info": {
            "Network Shares": "...",
            "Active Connections": "...",
            ...
        },
        "active_hosts": [
            "192.168.1.1",
            "192.168.1.2",
            ...
        ]
    }

Limitations

  • Only works on Windows systems
  • Some features require elevated privileges
  • The network scanner may be affected by firewalls or restrictive network settings

Disclaimer

  • This tool should only be used on systems and networks where you have explicit permission to perform forensic analysis, improper use may violate local laws.

About

H3LLO is a forensic tool developed in Python for Windows systems, designed for information security professionals and digital forensic analysts. This tool automates the collection of critical system and network data, providing comprehensive analysis with real-time visualization of progress.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages