This is a repo for cybersecurity analyst collecting artifacts in a incident response case.
☆21Feb 17, 2025Updated last year
Alternatives and similar repositories for DFIR-Toolkit
Users that are interested in DFIR-Toolkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Create an incident response triage toolkit for use with Windows or Linux.☆18Jun 14, 2020Updated 5 years ago
- AutoIt Analysis Library: Parser & Emulator For Malware Researchers☆21Apr 27, 2019Updated 7 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.☆12Oct 23, 2015Updated 10 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor looku…☆12Apr 26, 2026Updated last week
- CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library☆169Oct 25, 2024Updated last year
- Tutorial for Writing a Kernel☆10Jun 5, 2022Updated 3 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- LiteX-based PCIe MITM, sniffing, fuzzing, device emulation☆19Feb 9, 2022Updated 4 years ago
- CVE-2021-21978 exp☆23Mar 5, 2021Updated 5 years ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆16Aug 8, 2025Updated 9 months ago
- Displays simulated agent data on an interactable dashboard, including radar, data tables and more.☆10Mar 29, 2026Updated last month
- Shodanwave - Netwave IP Camera☆18Nov 18, 2017Updated 8 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Auxiliary scripts for Incident Response with ELK☆11Oct 7, 2015Updated 10 years ago
- Command-line tool to search for malware samples in various repositories☆13Mar 3, 2022Updated 4 years ago
- Made VRChat Avatar creation and testing easier☆10Apr 24, 2026Updated 2 weeks ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Mar 13, 2017Updated 9 years ago
- A homebrewed cyber threat intelligence solution☆20Nov 20, 2012Updated 13 years ago
- pfSense Configuration Auditing Script☆13Dec 14, 2020Updated 5 years ago
- Conduct forensic investigation of suspicious domains, websites and other dangerous thing without the fear of being infected! A Live opera…☆18Jun 27, 2022Updated 3 years ago
- CLI generator for Velociraptor offline collector☆16Apr 20, 2026Updated 2 weeks ago
- Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965☆14Apr 4, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A friendly orchestrator platform from the future☆18Apr 30, 2026Updated last week
- DFIRLab / Plateforme d'investigation numérique☆15Jul 6, 2021Updated 4 years ago
- Twitter API 2.0を使ってツイート(ポスト)する☆16Jul 5, 2025Updated 10 months ago
- 新楓之谷 ARC / AUT 計算機☆17Dec 27, 2023Updated 2 years ago
- Digital Forensics Windows Registry (dfWinReg)☆54Apr 12, 2026Updated 3 weeks ago
- Volatility, on Docker 🐳☆41Nov 20, 2025Updated 5 months ago
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- CyCAT.org taxonomies☆15May 22, 2021Updated 4 years ago
- Create a malicious pip package (PoC)☆12Sep 14, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- AIS3 2020 pre-exam writeup☆10Jun 30, 2020Updated 5 years ago
- Portable Activity Timeline that draws the Timeline based on data given in JSON or CSV format. By clicking on any activity a detailed moda…☆12Apr 6, 2023Updated 3 years ago
- Vault of Windows Registry forensic artifacts☆30Nov 12, 2025Updated 5 months ago
- 安全好文整理,松鼠症患者福音☆14Nov 30, 2023Updated 2 years ago
- ☆13Dec 28, 2019Updated 6 years ago
- Scanning alive hosts of the given CIDR range in parallel.☆10May 8, 2025Updated last year
- Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external d…☆153Apr 30, 2026Updated last week