Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.
☆96Dec 14, 2025Updated 2 months ago
Alternatives and similar repositories for DFIR-Detection-Engineering
Users that are interested in DFIR-Detection-Engineering are comparing it to the libraries listed below
Sorting:
- Tools and resources that may be useful to you when conducting investigations related to Islamic Republic of Iran☆19Sep 10, 2025Updated 5 months ago
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…☆14Jun 21, 2024Updated last year
- Automatic, fast parsing of browser artifacts☆17Jan 4, 2025Updated last year
- This project provides a set of Google Apps Scripts designed to help you identify and analyze potentially malicious domains directly from …☆14Sep 4, 2024Updated last year
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- Windows Forensics Salt States☆21Feb 23, 2026Updated last week
- macOS Artifacts☆33Mar 2, 2025Updated last year
- Web app built to allow digital forensic professionals to search for the forensic tools that will parse artifacts from various apps.☆19Apr 30, 2025Updated 10 months ago
- ☆62Oct 12, 2024Updated last year
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- CLI tools for forensic investigation of Windows artifacts☆349Jul 21, 2025Updated 7 months ago
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- Forensics Wiki, a wiki devoted to information about digital forensics (also known as computer forensics)☆315Jan 10, 2026Updated last month
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 3 months ago
- Strumenti di Acquisizione e Analisi di copie Forensi☆170Aug 29, 2025Updated 6 months ago
- ☆38Aug 27, 2021Updated 4 years ago
- Strumenti per rilevare ed estrarre informazioni nascoste all'interno di file.☆44Apr 17, 2023Updated 2 years ago
- Azure AD Incident Response☆27Oct 8, 2021Updated 4 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Nov 16, 2023Updated 2 years ago
- A config file that's curated for DFIR examiners with shortcuts to common Windows artifacts and settings enabled that help make your life …☆39Jan 6, 2025Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- $MFT Record Viewer☆24Nov 9, 2022Updated 3 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…☆11Jun 19, 2025Updated 8 months ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec…☆15Jul 19, 2025Updated 7 months ago
- Anteater is Reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure…☆13Jun 12, 2024Updated last year
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys.☆51Jan 26, 2025Updated last year
- A curated list of tools for incident response. With repository stars⭐ and forks🍴☆257Updated this week
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆87Dec 20, 2024Updated last year
- A collection of cyberchef recipes for use in osint investigations☆14Jul 2, 2022Updated 3 years ago
- /ˈhäjˌpäj/ "a confused mixture."☆13Feb 26, 2026Updated last week
- Actual good v3 onion links☆15Jan 19, 2026Updated last month
- This is to edit a training forensic image file (raw/dd) and zero out all the unnecessary files.☆11Jun 21, 2025Updated 8 months ago
- ☆12Jun 29, 2021Updated 4 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Here you find the complete list of enrichments and extractionsfor Ubikron.☆33Dec 15, 2025Updated 2 months ago
- The objective of Smart File Hunter (SFH) is the efficient identification of files containing sensitive information like passwords or priv…☆14Sep 3, 2022Updated 3 years ago