Dump of organized knowledge on DFIR
☆137 · Oct 4, 2021 · Updated 4 years ago
Alternatives and similar repositories for dfir-toolset
Users that are interested in dfir-toolset are comparing it to the libraries listed below.
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Mar 12, 2019 · Updated 7 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… ☆345 · Jun 25, 2022 · Updated 3 years ago
- Tools from WFA 4/e, timeline tools, etc. ☆145 · Feb 29, 2024 · Updated 2 years ago
- A DFVFS Backed Forensic Viewer ☆42 · Apr 13, 2020 · Updated 6 years ago
- Blueteam operational triage registry hunting/forensic tool. ☆148 · Sep 2, 2025 · Updated 9 months ago
- Reconstruct process trees from event logs ☆148 · Aug 12, 2020 · Updated 5 years ago
- Binary commandline executable to parse ETL files ☆69 · Jun 7, 2018 · Updated 8 years ago
- Carve Windows Prefetch files from arbitrary binary data ☆16 · Jun 11, 2017 · Updated 9 years ago
- Digital forensic acquisition tool for Windows based incident response. ☆348 · May 7, 2024 · Updated 2 years ago
- A Python library and command line tools to provide interactive log visualization. ☆145 · Dec 27, 2022 · Updated 3 years ago
- Tools for the Computer Incident Response Team ☆152 · Apr 17, 2017 · Updated 9 years ago
- ☆39 · Jun 28, 2019 · Updated 6 years ago
- macOS incident Response Toolkit. Mostly written while stuck on a NJTransit train. ☆20 · Feb 20, 2020 · Updated 6 years ago
- ☆454 · Nov 21, 2024 · Updated last year
- Collect, Process, and Hunt with host based data from macOS, Windows, and Linux ☆508 · Oct 21, 2022 · Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆942 · Dec 12, 2023 · Updated 2 years ago
- Mac OS X forensics tools ☆12 · Nov 28, 2020 · Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆431 · Dec 22, 2023 · Updated 2 years ago
- Misc Threat Hunting Resources ☆379 · Jan 26, 2023 · Updated 3 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence. ☆17 · Feb 8, 2015 · Updated 11 years ago
- PowerShell module for VMware vSphere forensics ☆183 · Nov 8, 2024 · Updated last year
- Web based analysis platform for use with the AWS_IR command line tool. ☆17 · Aug 4, 2016 · Updated 9 years ago
- Incident response teams usually work on offline data, collecting the evidence, then analyzing the data ☆48 · Jan 2, 2022 · Updated 4 years ago
- Mass Triage Tools ☆20 · Mar 10, 2026 · Updated 3 months ago
- Incident Response Methodologies ☆1,016 · Aug 2, 2018 · Updated 7 years ago
- Meeting notes ☆14 · Apr 5, 2016 · Updated 10 years ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs. ☆1,346 · Dec 13, 2022 · Updated 3 years ago
- A modern Python-3-based alternative to RegRipper ☆215 · May 12, 2026 · Updated 3 weeks ago
- A Windows Event Processing Utility ☆47 · Feb 21, 2018 · Updated 8 years ago
- Kirjuri is a web application for managing cases and physical forensic evidence items. ☆109 · May 19, 2026 · Updated 3 weeks ago
- Different DFIR and CTI utilities ☆41 · May 13, 2020 · Updated 6 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆1,069 · Oct 5, 2023 · Updated 2 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- macOS (& iOS) Artifact Parsing Tool ☆1,045 · May 20, 2026 · Updated 3 weeks ago
- ☆314 · Aug 14, 2020 · Updated 5 years ago
- Web App for Volatility framework ☆386 · Jan 13, 2026 · Updated 4 months ago
- Artifact analysis tools by JPCERT/CC Analysis Center ☆464 · Aug 14, 2025 · Updated 9 months ago
- DPS' Lightweight Investigation Notebook ☆435 · Dec 31, 2023 · Updated 2 years ago