☆18Mar 26, 2025Updated 11 months ago
Alternatives and similar repositories for dfdewey
Users that are interested in dfdewey are comparing it to the libraries listed below
Sorting:
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Multicore EVTX to Elasticsearch ingestor for incident responders.☆14May 12, 2021Updated 4 years ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆18Mar 3, 2022Updated 3 years ago
- ☆17Sep 9, 2020Updated 5 years ago
- Windows Application Attack Surface Analyzer☆24Feb 22, 2024Updated 2 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- ☆17Jun 18, 2024Updated last year
- Fast lookup server for NSRL and other hash database used in digital forensic☆48Jan 26, 2026Updated last month
- Picatrix is a library designed to help security analysts in a notebook environment, such as colab or jupyter.☆52Mar 26, 2025Updated 11 months ago
- This aims to be a collection of tools to forensically analyze Active Directory databases☆25Jun 11, 2025Updated 8 months ago
- Collection of scripts used to analyse malware or emails☆20Oct 6, 2020Updated 5 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆22Oct 31, 2018Updated 7 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- Golang Parser for Microsoft Event Logs☆105Nov 7, 2025Updated 3 months ago
- $MFT Record Viewer☆24Nov 9, 2022Updated 3 years ago
- Defcon 28 - Red Team Village - Applied Purple Teaming - Why Can't We Be Friends☆26Aug 9, 2020Updated 5 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- a GUI Interface for DFIR Open Source Tools☆10Jun 16, 2015Updated 10 years ago
- ☆13Aug 23, 2025Updated 6 months ago
- Digital Forensics Virtual File System (dfVFS)☆217Feb 15, 2026Updated last week
- Incident Response Triage - Windows Evidence Collection for Forensic Analysis☆136Apr 21, 2016Updated 9 years ago
- DriveFS Sleuth is a Python tool that automates investigating Google Drive File Stream disk artifacts, the tool has been developed based o…☆87Dec 20, 2024Updated last year
- Windows 10 Live Information viewer☆38Jan 27, 2022Updated 4 years ago
- A web3 utilities toolbox☆11Aug 11, 2023Updated 2 years ago
- Offline amnesic live Linux distribution☆14Mar 8, 2025Updated 11 months ago
- ☆12Aug 8, 2023Updated 2 years ago
- Carves and recreates VSS catalog and store from Windows disk image.☆99Jan 24, 2023Updated 3 years ago
- KQL example queries for working in Azure☆36Dec 1, 2025Updated 2 months ago
- Powershell module for VMWare vSphere forensics☆167Nov 8, 2024Updated last year
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Oct 23, 2019Updated 6 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing☆41Feb 2, 2026Updated 3 weeks ago
- Track C2 servers, tools, and botnets over time by framework and location☆43Feb 9, 2025Updated last year
- Hardens Windows Server to CIS Standards☆40May 2, 2019Updated 6 years ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)☆179Jul 10, 2019Updated 6 years ago
- PST extraction and analytic pipeline☆37Apr 16, 2018Updated 7 years ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago