This is a repo for cybersecurity analyst collecting artifacts in a incident response case.
☆20Feb 17, 2025Updated last year
Alternatives and similar repositories for DFIR-Toolkit
Users that are interested in DFIR-Toolkit are comparing it to the libraries listed below
Sorting:
- Create an incident response triage toolkit for use with Windows or Linux.☆18Jun 14, 2020Updated 5 years ago
- AutoIt Analysis Library: Parser & Emulator For Malware Researchers☆21Apr 27, 2019Updated 6 years ago
- This repository is dedicated to the SOC (Security Operations Center) Analyst course. It contains all the necessary resources, notes, scri…☆16Aug 31, 2024Updated last year
- Volatility, on Docker 🐳☆41Nov 20, 2025Updated 3 months ago
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆166Oct 25, 2024Updated last year
- A friendly orchestrator platform from the future☆17Feb 27, 2026Updated last week
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- STM32, ILI9341 ZXspectrum micro laptop.☆12Jul 22, 2023Updated 2 years ago
- MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.☆12Feb 27, 2023Updated 3 years ago
- Displays simulated agent data on an interactable dashboard, including radar, data tables and more.☆10Jan 19, 2024Updated 2 years ago
- In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 9 years ago
- 直接在桌面顯示彈幕 Display bullet screen directly on the desktop☆10Mar 2, 2026Updated last week
- OSINT=*, Chrome extension that searches all the threat feeds☆11Dec 5, 2021Updated 4 years ago
- GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.☆14Jan 28, 2023Updated 3 years ago
- Auxiliary scripts for Incident Response with ELK☆11Oct 7, 2015Updated 10 years ago
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- Source files found after a recent hack of one of my machines, showing how the infection spreads itself and what it does, useful for analy…☆13May 4, 2020Updated 5 years ago
- Tools and Binaries to use with KAPE☆13Aug 13, 2019Updated 6 years ago
- Made VRChat Avatar creation and testing easier☆10Dec 28, 2022Updated 3 years ago
- Malware Analysis and Storage System - Server repository☆12Jul 15, 2022Updated 3 years ago
- ☆23Jun 28, 2025Updated 8 months ago
- ☆13Sep 11, 2014Updated 11 years ago
- Function ID for Malware Analysis☆13Jul 6, 2020Updated 5 years ago
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 3 years ago
- A guide to help you start with StarLoco☆13Jan 14, 2025Updated last year
- NCTU(NYCU) Deep Learning and Practice Spring 2021☆11Jun 21, 2022Updated 3 years ago
- NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.☆12Oct 23, 2015Updated 10 years ago
- EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.☆15Nov 7, 2021Updated 4 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- CLI generator for Velociraptor offline collector☆16Oct 10, 2025Updated 4 months ago
- Windows Syslog Command Line Client☆15Nov 21, 2012Updated 13 years ago
- CircuitPython library for the Pimoroni RGB Keypad base - PIM551 - Raspberry Pi Pico.☆13Apr 19, 2021Updated 4 years ago
- ☆13Updated this week
- Digital Forensics Windows Registry (dfWinReg)☆54Dec 22, 2025Updated 2 months ago
- ☆12Jun 29, 2021Updated 4 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- RegFineViewer is an utility to visualize and navigate easily the Windows Registry☆18Jan 20, 2021Updated 5 years ago
- Command-line tool to search for malware samples in various repositories☆12Mar 3, 2022Updated 4 years ago
- Scripts for interacting with the DSpace API☆12Jul 5, 2024Updated last year