The goal of this repo is to archive artifacts from all versions of various OSes and categorize them by type. This will help with artifact validation processes and increase access to artifacts that may no longer be readily available.
☆653 · May 11, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for DFIRArtifactMuseum
Users that are interested in DFIRArtifactMuseum are comparing it to the libraries listed below.
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆652 · Jun 19, 2024 · Updated last year
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … ☆198 · Oct 29, 2025 · Updated 6 months ago
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It … ☆1,354 · Apr 16, 2026 · Updated last month
- The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportu… ☆220 · Dec 30, 2025 · Updated 4 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆715 · May 2, 2026 · Updated 3 weeks ago
- A python script developed to process Windows memory images based on triage type. ☆266 · Nov 25, 2023 · Updated 2 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. ☆340 · Dec 3, 2025 · Updated 5 months ago
- Documentation and scripts to properly enable Windows event logs. ☆704 · Oct 3, 2025 · Updated 7 months ago
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,554 · May 9, 2026 · Updated 2 weeks ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,169 · Updated this week
- Digital Forensics artifact repository ☆1,239 · May 16, 2026 · Updated last week
- Event Tracing For Windows (ETW) Resources ☆428 · Oct 30, 2025 · Updated 6 months ago
- A repository of DFIR-related Mind Maps geared towards the visual learners! ☆549 · Sep 2, 2022 · Updated 3 years ago
- Practical Windows Forensics Training ☆765 · Feb 16, 2026 · Updated 3 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆812 · May 15, 2026 · Updated last week
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆1,071 · Oct 5, 2023 · Updated 2 years ago
- Carve file metadata from NTFS index ($I30) attributes ☆73 · Feb 3, 2024 · Updated 2 years ago
- This repository serves as a place for community created Targets and Modules for use with KAPE. ☆842 · Apr 29, 2026 · Updated 3 weeks ago
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts… ☆1,109 · Feb 25, 2026 · Updated 3 months ago
- A curated list of KAPE-related resources ☆187 · May 1, 2025 · Updated last year
- Windows Events Attack Samples ☆2,560 · Jan 24, 2023 · Updated 3 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 · Sep 13, 2023 · Updated 2 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. ☆118 · Jan 26, 2022 · Updated 4 years ago
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes. ☆813 · May 6, 2026 · Updated 3 weeks ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆866 · Jan 20, 2022 · Updated 4 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆90 · Feb 9, 2025 · Updated last year
- Digital Forensics Investigation Platform ☆888 · Oct 12, 2024 · Updated last year
- A Fast (and safe) parser for the Windows XML Event Log (EVTX) format ☆915 · Mar 21, 2026 · Updated 2 months ago
- Everything related to Linux Forensics ☆720 · Jul 13, 2023 · Updated 2 years ago
- DFIQ is a collection of investigative questions and the approaches for answering them ☆309 · Mar 10, 2026 · Updated 2 months ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or develop new use cases. ☆629 · Updated this week
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆655 · Aug 4, 2025 · Updated 9 months ago
- Blueteam operational triage registry hunting/forensic tool. ☆148 · Sep 2, 2025 · Updated 8 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆89 · Mar 11, 2026 · Updated 2 months ago
- #ThreatHunting #DFIR #Malware #Detection Mind Maps ☆306 · Nov 13, 2021 · Updated 4 years ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … ☆467 · Feb 18, 2026 · Updated 3 months ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆108 · Mar 12, 2026 · Updated 2 months ago
- Rapidly Search and Hunt through Linux Forensics Artifacts ☆209 · Mar 9, 2026 · Updated 2 months ago
- PowerShell module for Office 365 and Azure log collection ☆281 · Sep 22, 2025 · Updated 8 months ago