This is a repository dedicated to the DFIR journey. Contains notes, reflections and links to tools.
☆113 · May 8, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for DFIR
Users that are interested in DFIR are comparing it to the libraries listed below.
- most powerful batch obfuscator ☆47 · Jan 2, 2023 · Updated 3 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough ☆11 · Feb 3, 2022 · Updated 4 years ago
- A curated list of resources for Volatility 2 & 3 ☆13 · Mar 17, 2024 · Updated 2 years ago
- DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital For… ☆466 · Nov 28, 2025 · Updated 5 months ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆20 · May 9, 2025 · Updated last year
- ☆16 · Nov 13, 2024 · Updated last year
- Anteater is a reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure… ☆14 · Jun 12, 2024 · Updated last year
- A Python script for extracting IP addresses, URLs, headers, and attachments from .eml files. Additional functionalities include defanging… ☆46 · Oct 10, 2024 · Updated last year
- Hunt the Windows Registry automatically using VQL ☆17 · May 4, 2026 · Updated 3 weeks ago
- FIXED 2021 VERSION MEGA DUMPER ☆30 · Jun 7, 2021 · Updated 4 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆161 · Apr 6, 2025 · Updated last year
- Source files and writeups for the brixel CTF 2020 ☆10 · Jan 1, 2021 · Updated 5 years ago
- My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documentin… ☆98 · Updated this week
- Writeup for the challenges in Really Awesome CTF 2020 ☆13 · Aug 3, 2020 · Updated 5 years ago
- Digital forensic analysis tool that provides a user-friendly interface for investigating disk images. ☆208 · Nov 12, 2025 · Updated 6 months ago
- ☆13 · Jan 19, 2023 · Updated 3 years ago
- ☆23 · Aug 16, 2025 · Updated 9 months ago
- ☆30 · Aug 21, 2024 · Updated last year
- Collection of my volatility3 plugins ☆18 · Sep 6, 2024 · Updated last year
- ☆34 · Mar 4, 2019 · Updated 7 years ago
- Small wiki for Mobile Application Penetration Testing Tools ☆12 · Apr 8, 2021 · Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Mar 23, 2026 · Updated 2 months ago
- A New Exploitation Technique for Visual Studio Projects ☆13 · Nov 5, 2023 · Updated 2 years ago
- This repository consists of all public cheatsheets created by the BlackPerl DFIR Content Team ☆20 · Oct 9, 2024 · Updated last year
- Ian Hanley's deceptively simple KQL queries. ☆68 · Apr 10, 2026 · Updated last month
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files ☆21 · Aug 3, 2024 · Updated last year
- Run several volatility plugins at the same time ☆117 · Oct 27, 2022 · Updated 3 years ago
- ☆15 · Jun 5, 2024 · Updated last year
- Challenge handouts, source code, and solutions for UofTCTF 2026 ☆41 · Jan 13, 2026 · Updated 4 months ago
- $MFT directory tree reconstruction & FILE record info ☆330 · Oct 7, 2024 · Updated last year
- EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules. ☆15 · Nov 7, 2021 · Updated 4 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis ☆13 · Jun 1, 2021 · Updated 4 years ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆111 · Apr 22, 2025 · Updated last year
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat ☆110 · Oct 31, 2023 · Updated 2 years ago
- Writeups of some of the Binary Exploitation challenges that I have solved during CTF. ☆21 · Feb 8, 2025 · Updated last year
- Various short scripts and tools used for Digital Forensics ☆14 · Apr 13, 2025 · Updated last year
- ☆17 · Mar 31, 2026 · Updated last month
- 🇻🇳 [VNCERT/CC] Digital Forensics Lab 🇻🇳 ☆23 · Dec 26, 2024 · Updated last year
- CTFd plugin allowing for individual Docker containers per team ☆26 · Jan 15, 2026 · Updated 4 months ago