This is the one-stop place where you can find almost all of the tools you need for DFIR.
☆84 · Mar 3, 2022 · Updated 4 years ago
Alternatives and similar repositories for DFIR-Tools
Users that are interested in DFIR-Tools are comparing it to the repositories listed below.
- This repository collects strategies for hunting ransomware. ☆26 · Aug 23, 2022 · Updated 3 years ago
- Getting free cyber security resources has always been a challenge. Access Davy-Jones-Locker to get all that you might need to upskill yo… ☆62 · Mar 22, 2021 · Updated 5 years ago
- Power-Forensics is the best friend for incident responders performing IR and collecting evidence from Linux-based hosts. ☆12 · Jun 2, 2023 · Updated 2 years ago
- This is the one-stop place where you can find several detection rules to kick-start your journey in SIEM and SOC work. ☆43 · Jun 27, 2021 · Updated 4 years ago
- Helping incident responders hunt for potential persistence mechanisms on UNIX-based systems. ☆17 · Oct 28, 2023 · Updated 2 years ago
- This repository talks about the Follina MSDT vulnerability from a defender's perspective. ☆38 · Jun 2, 2022 · Updated 3 years ago
- DNS dashboard for hunting and identifying beaconing. ☆16 · Jul 29, 2020 · Updated 5 years ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs). ☆10 · May 16, 2024 · Updated last year
- High-level threat intelligence playbooks. ☆20 · Mar 6, 2021 · Updated 5 years ago
- All the useful tools worth using. ☆24 · Sep 20, 2022 · Updated 3 years ago
- Notes on responding to security breaches relating to Azure AD. ☆122 · Mar 14, 2022 · Updated 4 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre… ☆15 · Jun 5, 2023 · Updated 2 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- PowerShell module for the SentinelOne API. ☆29 · Mar 8, 2021 · Updated 5 years ago
- Auto-scanning tool to help you while playing on HackTheBox, TryHackMe, etc. ☆20 · May 19, 2023 · Updated 2 years ago
- Field guide to gathering low-hanging fruit. ☆14 · Mar 20, 2025 · Updated last year
- ☆10 · Apr 2, 2022 · Updated 3 years ago
- Various commands, tools and techniques that you can use to examine live Windows systems for signs of compromise or for threat hunting. Can al… ☆15 · Aug 15, 2022 · Updated 3 years ago
- Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It support… ☆15 · Feb 2, 2025 · Updated last year
- "Intelliroot Code Injection Hunter" is a tool that can help you identify injected malicious code. The tool can identify and extract po… ☆16 · Sep 21, 2022 · Updated 3 years ago
- ☆65 · Sep 18, 2025 · Updated 6 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier-to-parse rules. ☆16 · Oct 22, 2025 · Updated 5 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch. ☆36 · Feb 2, 2022 · Updated 4 years ago
- Jupyter notebooks for digital forensics and incident response. ☆10 · Nov 23, 2021 · Updated 4 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility. ☆38 · Jul 18, 2024 · Updated last year
- ☆42 · Sep 5, 2025 · Updated 6 months ago
- Create a cool process tree like https://twitter.com/ACEResponder. ☆35 · Mar 1, 2023 · Updated 3 years ago
- A GeoIP lookup utility using ipinfo.io services. ☆30 · Dec 1, 2023 · Updated 2 years ago
- Information about the open-source-dfir Slack community. ☆30 · Jun 17, 2023 · Updated 2 years ago
- ☆44 · Nov 30, 2022 · Updated 3 years ago
- Jupyter notebooks for threat hunting. ☆60 · Mar 26, 2025 · Updated last year
- Harness the power of Splunk for your investigations. ☆159 · Oct 11, 2025 · Updated 5 months ago
- eBPF-based EDR for Linux. ☆18 · Aug 25, 2024 · Updated last year
- Malware samples, analysis exercises and other interesting resources. ☆1,623 · Jan 13, 2024 · Updated 2 years ago
- Digital forensic analysis and incident response playbooks for handling real-world security incidents. ☆51 · Apr 25, 2024 · Updated last year
- Incident response teams usually work on offline data: collect the evidence, then analyze the data. ☆46 · Jan 2, 2022 · Updated 4 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. ☆133 · Jan 31, 2022 · Updated 4 years ago
- Library of threat hunts to get any user started! ☆50 · Sep 4, 2020 · Updated 5 years ago
- Penguin OS Forensic (or Flight) Recorder. ☆40 · Updated this week