This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR
☆85Mar 3, 2022Updated 4 years ago
Alternatives and similar repositories for DFIR-Tools
Users that are interested in DFIR-Tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This Repository gives the best and possible strategies against hunting the ransomware☆26Aug 23, 2022Updated 3 years ago
- Getting FREE Cyber Security Resources have been a challenge always. Access Davy-Jones-Locker to get all what you might need to upskill yo…☆62Mar 22, 2021Updated 5 years ago
- Power-Forensics is the Best Friend for Incident Responders to perform IR and collect evidences for Linux based host☆12Jun 2, 2023Updated 2 years ago
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆43Jun 27, 2021Updated 4 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- This Repository Talks about the Follina MSDT from Defender Perspective☆38Jun 2, 2022Updated 3 years ago
- DNS Dashboard for hunting and identifying beaconing☆17Jul 29, 2020Updated 5 years ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated last year
- High-level Threat Intelligence playbooks☆21Mar 6, 2021Updated 5 years ago
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- Notes on responding to security breaches relating to Azure AD☆123Mar 14, 2022Updated 4 years ago
- Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…☆15Jun 5, 2023Updated 2 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 10 months ago
- PowerShell module for SentinelOne API☆29Mar 8, 2021Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Auto scanning tool that will help you during playing on HackTheBox, TryHackMe...etc☆20May 19, 2023Updated 2 years ago
- Notes on managing and coordinating the response to major cyber incidents☆41May 30, 2020Updated 5 years ago
- Field guide to gather low-hanging fruits☆15Mar 20, 2025Updated last year
- ☆10Apr 2, 2022Updated 4 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- Python tool for detecting subdomain takeover vulnerabilities by resolving CNAME records and checking for known error messages. It support…☆15Feb 2, 2025Updated last year
- “Intelliroot Code Injection Hunter” is a tool that can to help you identify injected malicious code. The tool can identify and extract po…☆16Sep 21, 2022Updated 3 years ago
- ☆65Sep 18, 2025Updated 7 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆36Feb 2, 2022Updated 4 years ago
- Jupyter Notebooks for Digital Forensics & Incident Response☆10Nov 23, 2021Updated 4 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Mar 1, 2023Updated 3 years ago
- A GeoIP lookup utility utilizing ipinfo.io services.☆30Dec 1, 2023Updated 2 years ago
- Information about the open-source-dfir slack community☆30Jun 17, 2023Updated 2 years ago
- ☆44Nov 30, 2022Updated 3 years ago
- Jupyter notebooks for threat hunting☆60Apr 7, 2026Updated last month
- ☆42Sep 5, 2025Updated 8 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Harness the power of Splunk for your investigations☆162Oct 11, 2025Updated 6 months ago
- eBPF-based EDR for Linux☆18Aug 25, 2024Updated last year
- Malware samples, analysis exercises and other interesting resources.☆1,632Jan 13, 2024Updated 2 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆51Apr 25, 2024Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆133Jan 31, 2022Updated 4 years ago
- Penguin OS Forensic (or Flight) Recorder☆41Mar 27, 2026Updated last month
- This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC a…☆730Sep 23, 2024Updated last year