This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
☆110 · Apr 9, 2026 · Updated this week
Alternatives and similar repositories for DFIR
Users that are interested in DFIR are comparing it to the libraries listed below.
- most powerful batch obfuscator ☆47 · Jan 2, 2023 · Updated 3 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough ☆11 · Feb 3, 2022 · Updated 4 years ago
- A curated list of resources for Volatility 2 & 3 ☆13 · Mar 17, 2024 · Updated 2 years ago
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For… ☆454 · Nov 28, 2025 · Updated 4 months ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆20 · May 9, 2025 · Updated 11 months ago
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging… ☆44 · Oct 10, 2024 · Updated last year
- A collection of CTF frameworks, libraries, resources, software and tutorials, books, resources and cool stuff in Cybersecurity ☆17 · Dec 11, 2021 · Updated 4 years ago
- Anteater is a reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure… ☆13 · Jun 12, 2024 · Updated last year
- Hunt the Windows Registry automatically using VQL ☆15 · Jan 6, 2026 · Updated 3 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆162 · Apr 6, 2025 · Updated last year
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender ☆21 · Nov 15, 2024 · Updated last year
- Guides, Courses, Writeups and Tools That May Be Useful for CTFs ☆25 · Jan 8, 2021 · Updated 5 years ago
- Source files and writeups for the brixel CTF 2020 ☆10 · Jan 1, 2021 · Updated 5 years ago
- My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documentin… ☆95 · Updated this week
- ☆13 · Jan 19, 2023 · Updated 3 years ago
- Digital forensic analysis tool that provides a user-friendly interface for investigating disk images. ☆207 · Nov 12, 2025 · Updated 5 months ago
- ☆22 · Aug 16, 2025 · Updated 8 months ago
- ☆34 · Mar 4, 2019 · Updated 7 years ago
- Collection of my volatility3 plugins ☆18 · Sep 6, 2024 · Updated last year
- Small wiki for Mobile Application Penetration Testing Tools ☆12 · Apr 8, 2021 · Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Mar 23, 2026 · Updated 3 weeks ago
- A New Exploitation Technique for Visual Studio Projects ☆13 · Nov 5, 2023 · Updated 2 years ago
- This Repository consists of all Public Cheatsheets created by BlackPerl DFIR Content Team ☆20 · Oct 9, 2024 · Updated last year
- Ian Hanley's deceptively simple KQL queries. ☆67 · Apr 3, 2026 · Updated last week
- ☆15 · Jun 5, 2024 · Updated last year
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files ☆21 · Aug 3, 2024 · Updated last year
- Run several volatility plugins at the same time ☆119 · Oct 27, 2022 · Updated 3 years ago
- $MFT directory tree reconstruction & FILE record info ☆328 · Oct 7, 2024 · Updated last year
- Vagrant Files to create a Virtualbox VM for Malware Analysis ☆13 · Jun 1, 2021 · Updated 4 years ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆110 · Apr 22, 2025 · Updated 11 months ago
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat ☆110 · Oct 31, 2023 · Updated 2 years ago
- Writeups of some of the Binary Exploitation challenges that I have solved during CTF. ☆21 · Feb 8, 2025 · Updated last year
- ☆12 · Apr 23, 2021 · Updated 4 years ago
- ☆17 · Mar 31, 2026 · Updated 2 weeks ago
- Various short scripts and tools used for Digital Forensics ☆14 · Apr 13, 2025 · Updated last year
- 🇻🇳 [VNCERT/CC] Digital Forensics Lab 🇻🇳 ☆23 · Dec 26, 2024 · Updated last year
- CTFd plugin allowing for individual Docker containers per team ☆24 · Jan 15, 2026 · Updated 3 months ago
- [DEPRECIATED] All writeups are moved to my main website ☆14 · Mar 15, 2024 · Updated 2 years ago
- nexos source files made by @samdem-ai ☆20 · Oct 7, 2024 · Updated last year