Dump of organized knowledge on DFIR
☆137 · Oct 4, 2021 · Updated 4 years ago
Alternatives and similar repositories for dfir-toolset
Users that are interested in dfir-toolset are comparing it to the libraries listed below.
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Mar 12, 2019 · Updated 7 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… ☆344 · Jun 25, 2022 · Updated 3 years ago
- Tools from WFA 4/e, timeline tools, etc. ☆145 · Feb 29, 2024 · Updated 2 years ago
- A DFVFS Backed Forensic Viewer ☆42 · Apr 13, 2020 · Updated 6 years ago
- Blueteam operational triage registry hunting/forensic tool. ☆148 · Sep 2, 2025 · Updated 8 months ago
- Reconstruct process trees from event logs ☆148 · Aug 12, 2020 · Updated 5 years ago
- Binary commandline executable to parse ETL files ☆69 · Jun 7, 2018 · Updated 7 years ago
- Carve Windows Prefetch files from arbitrary binary data ☆16 · Jun 11, 2017 · Updated 8 years ago
- Digital forensic acquisition tool for Windows based incident response. ☆348 · May 7, 2024 · Updated 2 years ago
- A Python library and command line tools to provide interactive log visualization. ☆145 · Dec 27, 2022 · Updated 3 years ago
- Tools for the Computer Incident Response Team ☆151 · Apr 17, 2017 · Updated 9 years ago
- ☆39 · Jun 28, 2019 · Updated 6 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train. ☆20 · Feb 20, 2020 · Updated 6 years ago
- ☆454 · Nov 21, 2024 · Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux ☆507 · Oct 21, 2022 · Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆941 · Dec 12, 2023 · Updated 2 years ago
- Mac osx forensics tools ☆12 · Nov 28, 2020 · Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆431 · Dec 22, 2023 · Updated 2 years ago
- Misc Threat Hunting Resources ☆379 · Jan 26, 2023 · Updated 3 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence. ☆17 · Feb 8, 2015 · Updated 11 years ago
- Powershell module for VMWare vSphere forensics ☆183 · Nov 8, 2024 · Updated last year
- Web based analysis platform for use with the AWS_IR command line tool. ☆17 · Aug 4, 2016 · Updated 9 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data ☆48 · Jan 2, 2022 · Updated 4 years ago
- Incident Response Methodologies ☆1,018 · Aug 2, 2018 · Updated 7 years ago
- Mass Triage Tools ☆20 · Mar 10, 2026 · Updated 2 months ago
- Meeting notes ☆14 · Apr 5, 2016 · Updated 10 years ago
- A modern Python-3-based alternative to RegRipper ☆213 · May 12, 2026 · Updated last week
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. ☆1,345 · Dec 13, 2022 · Updated 3 years ago
- A Windows Event Processing Utility ☆47 · Feb 21, 2018 · Updated 8 years ago
- Kirjuri is a web application for managing cases and physical forensic evidence items. ☆109 · Updated this week
- Different DFIR and CTI utilities ☆40 · May 13, 2020 · Updated 6 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆1,071 · Oct 5, 2023 · Updated 2 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- macOS (& ios) Artifact Parsing Tool ☆1,042 · Updated this week
- ☆313 · Aug 14, 2020 · Updated 5 years ago
- Web App for Volatility framework ☆385 · Jan 13, 2026 · Updated 4 months ago
- Artifact analysis tools by JPCERT/CC Analysis Center ☆463 · Aug 14, 2025 · Updated 9 months ago
- InvestigationPlaybookSpec ☆71 · Sep 26, 2017 · Updated 8 years ago