This is the one-stop place where you can find almost all of the tools you need for DFIR
☆85 · Mar 3, 2022 · Updated 4 years ago
Alternatives and similar repositories for DFIR-Tools
Users interested in DFIR-Tools are comparing it to the repositories listed below.
- This repository gives the best possible strategies for hunting ransomware ☆26 · Aug 23, 2022 · Updated 3 years ago
- Getting free cyber security resources has always been a challenge. Access Davy-Jones-Locker to get everything you might need to upskill yo… ☆62 · Mar 22, 2021 · Updated 5 years ago
- Power-Forensics is the best friend of incident responders performing IR and collecting evidence from Linux-based hosts ☆12 · Jun 2, 2023 · Updated 2 years ago
- This is the one-stop place where you can find several detection rules to kick-start your journey in SIEM and SOC work. ☆43 · Jun 27, 2021 · Updated 4 years ago
- Helping incident responders hunt for potential persistence mechanisms on UNIX-based systems. ☆17 · Oct 28, 2023 · Updated 2 years ago
- This repository discusses Follina (MSDT) from a defender's perspective ☆38 · Jun 2, 2022 · Updated 3 years ago
- DNS dashboard for hunting and identifying beaconing ☆17 · Jul 29, 2020 · Updated 5 years ago
- Volatility plugin to search for all Auto-Start Extensibility Points (ASEPs) ☆10 · May 16, 2024 · Updated last year
- High-level threat intelligence playbooks ☆21 · Mar 6, 2021 · Updated 5 years ago
- All the useful tools that are interesting to use ☆24 · Sep 20, 2022 · Updated 3 years ago
- Notes on responding to security breaches relating to Azure AD ☆123 · Mar 14, 2022 · Updated 4 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre… ☆15 · Jun 5, 2023 · Updated 2 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- PowerShell module for the SentinelOne API ☆29 · Mar 8, 2021 · Updated 5 years ago
- Auto-scanning tool that helps you while playing on HackTheBox, TryHackMe, etc. ☆20 · May 19, 2023 · Updated 2 years ago
- Notes on managing and coordinating the response to major cyber incidents ☆41 · May 30, 2020 · Updated 5 years ago
- Field guide to gathering low-hanging fruit ☆14 · Mar 20, 2025 · Updated last year
- ☆10 · Apr 2, 2022 · Updated 4 years ago
- Various commands, tools and techniques you can use to examine live Windows systems for signs of compromise or for threat hunting. Can al… ☆15 · Aug 15, 2022 · Updated 3 years ago
- Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It support… ☆15 · Feb 2, 2025 · Updated last year
- "Intelliroot Code Injection Hunter" is a tool that can help you identify injected malicious code. The tool can identify and extract po… ☆16 · Sep 21, 2022 · Updated 3 years ago
- ☆65 · Sep 18, 2025 · Updated 7 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier-to-parse rules. ☆15 · Oct 22, 2025 · Updated 5 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆36 · Feb 2, 2022 · Updated 4 years ago
- Jupyter Notebooks for Digital Forensics & Incident Response ☆10 · Nov 23, 2021 · Updated 4 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility ☆38 · Jul 18, 2024 · Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 · Mar 1, 2023 · Updated 3 years ago
- A GeoIP lookup utility utilizing ipinfo.io services. ☆30 · Dec 1, 2023 · Updated 2 years ago
- Information about the open-source-dfir Slack community ☆30 · Jun 17, 2023 · Updated 2 years ago
- ☆43 · Nov 30, 2022 · Updated 3 years ago
- Jupyter notebooks for threat hunting ☆60 · Apr 7, 2026 · Updated last week
- ☆42 · Sep 5, 2025 · Updated 7 months ago
- Harness the power of Splunk for your investigations ☆161 · Oct 11, 2025 · Updated 6 months ago
- eBPF-based EDR for Linux ☆18 · Aug 25, 2024 · Updated last year
- Malware samples, analysis exercises and other interesting resources. ☆1,625 · Jan 13, 2024 · Updated 2 years ago
- Digital forensic analysis and incident response playbooks to handle real-world security incidents ☆51 · Apr 25, 2024 · Updated last year
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. ☆133 · Jan 31, 2022 · Updated 4 years ago
- Library of threat hunts to get any user started! ☆50 · Sep 4, 2020 · Updated 5 years ago
- Penguin OS Forensic (or Flight) Recorder ☆41 · Mar 27, 2026 · Updated 3 weeks ago
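Several of the listings above are detection tools rather than documentation, and the DNS dashboard for hunting beaconing rests on one idea worth seeing in code: a compromised host checks in with its controller at near-constant intervals (often with a little jitter and a changing subdomain), while legitimate lookups arrive irregularly. The script below is an added example written for this page; it is not code from that dashboard or from any repository listed here. The log line format, the hosts and domains, the two-label domain collapsing and the thresholds (at least 5 queries, coefficient of variation of the inter-query interval at most 0.2) are all constructed assumptions for the demonstration.

```python
"""Flag (client, domain) pairs whose DNS query inter-arrival times are
suspiciously regular, the classic beaconing signal a DNS hunting dashboard
surfaces. Added example on constructed data; not any listed project's code."""
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed DNS query log (assumed format): "<ISO timestamp> <client IP> <queried name>".
# 10.0.0.5 beacons to *.c2.example.net roughly every 60 s with jitter and a
# rotating subdomain; 10.0.0.7 browses irregularly; 10.0.0.9 is regular but
# has too few queries to judge. Lines are deliberately not in time order.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 a1.c2.example.net
2024-05-01T10:00:05 10.0.0.7 www.example.com
2024-05-01T10:00:07 10.0.0.7 www.example.com
2024-05-01T10:00:00 10.0.0.9 updates.example.org
2024-05-01T10:01:00 10.0.0.9 updates.example.org
2024-05-01T10:01:01 10.0.0.5 b7.c2.example.net
2024-05-01T10:02:00 10.0.0.5 x9.c2.example.net
2024-05-01T10:02:00 10.0.0.9 updates.example.org
2024-05-01T10:03:02 10.0.0.5 k3.c2.example.net
2024-05-01T10:03:40 10.0.0.7 www.example.com
2024-05-01T10:03:59 10.0.0.5 m0.c2.example.net
2024-05-01T10:04:00 10.0.0.7 www.example.com
2024-05-01T10:05:00 10.0.0.5 q4.c2.example.net
2024-05-01T10:06:01 10.0.0.5 z2.c2.example.net
2024-05-01T10:07:00 10.0.0.5 f8.c2.example.net
2024-05-01T10:08:02 10.0.0.5 h5.c2.example.net
2024-05-01T10:09:00 10.0.0.5 r1.c2.example.net
2024-05-01T10:09:30 10.0.0.7 www.example.com
""".splitlines()


def registered_domain(qname: str) -> str:
    """Collapse a query name to its last two labels (a1.c2.example.net -> example.net)
    so rotating subdomains land in one bucket. Assumption for this example only;
    real tooling should consult the Public Suffix List instead."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def parse_line(line: str):
    """Split one constructed log line into (timestamp, client, registered domain)."""
    ts, client, qname = line.split()
    return datetime.fromisoformat(ts), client, registered_domain(qname)


def detect_beacons(lines, min_queries: int = 5, max_cv: float = 0.2):
    """Return [(client, domain, query_count, mean_interval_s, cv)] for pairs whose
    inter-query intervals are regular enough to look like a beacon.
    cv = population stddev / mean of the intervals; low cv means regular timing."""
    groups = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        ts, client, domain = parse_line(line)
        groups[(client, domain)].append(ts)

    hits = []
    for (client, domain), stamps in groups.items():
        if len(stamps) < min_queries:        # too few samples to call it regular
            continue
        stamps.sort()                         # logs are rarely in order
        deltas = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(deltas)
        if mean <= 0:                         # duplicate timestamps; avoid divide-by-zero
            continue
        cv = statistics.pstdev(deltas) / mean
        if cv <= max_cv:
            hits.append((client, domain, len(stamps), round(mean, 1), round(cv, 3)))
    hits.sort(key=lambda h: h[4])             # most regular first
    return hits


if __name__ == "__main__":
    for client, domain, n, mean, cv in detect_beacons(SAMPLE_LOG):
        print(f"{client} -> {domain}: {n} queries, every ~{mean}s, cv={cv}")
```

On the constructed log this reports only 10.0.0.5 talking to example.net (10 queries, mean interval 60 s, cv about 0.03); the browsing host fails the regularity test and the three-query host never reaches the minimum sample count. On real resolver logs the interesting tuning is the grouping key (full name versus registered domain) and the minimum count, since short intervals with few samples produce many false regular-looking pairs.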