dbissell6 / DFIR
This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
☆75 Updated last week
Alternatives and similar repositories for DFIR:
Users that are interested in DFIR are comparing it to the libraries listed below
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For… ☆197 Updated 2 months ago
- A Python script for analyzing email files to extract IP addresses, URLs, headers, and attachments, with functionalities for defanging IPs… ☆21 Updated 6 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆97 Updated 2 weeks ago
- ☆21 Updated 8 months ago
- Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress! ☆345 Updated 8 months ago
- SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incide… ☆98 Updated 2 months ago
- Some important DFIR Resources ☆83 Updated 2 years ago
- CLI tools for forensic investigation of Windows artifacts ☆327 Updated 6 months ago
- ☆39 Updated 4 months ago
- Digital forensics lab course, as offered in FAST NUCES Karachi during Spring 2023. ☆297 Updated 2 years ago
- ☆158 Updated last year
- Collection of Volatility2 profiles, generated against Linux kernels. ☆38 Updated last week
- Advanced Bash script designed for conducting digital forensics on Linux systems ☆141 Updated last year
- Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS atta… ☆159 Updated 11 months ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆32 Updated 2 months ago
- A collection of CVEs weaponized by ransomware operators ☆113 Updated this week
- List of tools and resources for pentesting Microsoft Active Directory ☆69 Updated last week
- Knowledge Management for Offensive Security Professionals Official Repository ☆140 Updated 2 months ago
- A collection of scripts, tools, and configs for various OS'es and applications, all free and/or open-source, to assist in impromptu Blue-… ☆102 Updated 2 years ago
- Obsidian Templates for OSCP, CPTS, and Training labs ☆86 Updated 2 months ago
- A set of tools and resources for analysis of Havoc C2 ☆12 Updated last year
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique… ☆101 Updated 8 months ago
- ☆175 Updated last year
- Completely Risky Active-Directory Simulation Hub ☆99 Updated last year
- Creation of a laboratory for malware analysis in AWS ☆96 Updated 2 years ago
- A specification and style guide for YARA rules ☆48 Updated last year
- ☆41 Updated 4 months ago
- This is the CheatSheet which I used on the PJPT exam to fully compromise a Domain Controller by doing internal network penetration testing. ☆72 Updated last year
- Digital forensic analysis tool that provides a user-friendly interface for investigating disk images. ☆165 Updated last month
- [DEPRECATED] All writeups are moved to my main website ☆14 Updated last year