dbissell6 / DFIR
This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
☆67Updated this week
Alternatives and similar repositories for DFIR:
Users that are interested in DFIR are comparing it to the libraries listed below
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For…☆185Updated last month
- Some important DFIR Resources☆83Updated 2 years ago
- ☆158Updated last year
- A Python script for analyzing email files to extract IP addresses, URLs, headers, and attachments, with functionalities for defanging IPs…☆18Updated 5 months ago
- Harness the power of Splunk for your investigations☆94Updated last week
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…☆100Updated 7 months ago
- A collection of CVEs weaponized by ransomware operators☆111Updated last week
- ☆171Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆153Updated 10 months ago
- Windows Forensics Environment Builder☆131Updated 2 months ago
- CLI tools for forensic investigation of Windows artifacts☆326Updated 4 months ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…☆31Updated last month
- Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-for…☆76Updated last month
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆330Updated 7 months ago
- Advanced Bash script designed for conducting digital forensics on Linux systems☆141Updated 11 months ago
- Regular Expressions List used in Digital Forensic Tasks☆82Updated last month
- ☆17Updated 7 months ago
- ☆38Updated 3 months ago
- SIEM Cheat Sheet☆73Updated last year
- Creation of a laboratory for malware analysis in AWS☆95Updated 2 years ago
- Windows Malware Investigation Scripts & Docs☆75Updated 4 months ago
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Updated 4 months ago
- Hands-on cybersecurity projects to enhance skills in phishing investigation, malware analysis, network intrusion detection, and DDoS atta…☆119Updated 9 months ago
- ☆65Updated 2 years ago
- A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts☆59Updated 4 months ago
- Jupyter Notebooks for the Blue Team☆145Updated this week
- SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incide…☆87Updated last month
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…☆32Updated 7 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 6 months ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆120Updated last year