Do DFIR work in a Windows Sandbox
☆21 · Apr 29, 2026 · Updated last week
Alternatives and similar repositories for dfirws
Users that are interested in dfirws are comparing it to the libraries listed below.
- Capture. Detonate. Collect ☆14 · Sep 20, 2024 · Updated last year
- Scripts and tools created for appx analysis talk (Magnet summit 2019) ☆19 · Feb 26, 2024 · Updated 2 years ago
- develop an acceptable solution for a file containing many quadratic equation records. ☆11 · Apr 22, 2025 · Updated last year
- Windows Forensics Salt States ☆22 · Updated this week
- Show Window Stations, Desktops and top level windows ☆17 · Jun 10, 2023 · Updated 2 years ago
- A small tool to unmap PE memory dumps. ☆11 · Nov 9, 2023 · Updated 2 years ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything ☆31 · Mar 19, 2026 · Updated last month
- CScorza Web - Collection of all OSINT and Digital Forensics tools ☆25 · Mar 22, 2026 · Updated last month
- Simple Imager has been created for performing live acquisition of Windows based systems in a forensically sound manner ☆30 · Feb 27, 2026 · Updated 2 months ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. ☆22 · Sep 30, 2022 · Updated 3 years ago
- Standalone POCs/Exploits from various sources for Jok3r ☆29 · Jun 23, 2021 · Updated 4 years ago
- A collection of PowerShell scripts that are designed to be run from a Microsoft Defender for Endpoint Live Response terminal, utilizing o… ☆12 · Apr 26, 2023 · Updated 3 years ago
- PoC for hiding data within $MFT ☆12 · Aug 14, 2014 · Updated 11 years ago
- Manage your tasks in vikunja. ☆25 · Aug 27, 2024 · Updated last year
- ☆31 · Aug 13, 2025 · Updated 8 months ago
- Digital Artefact Extraction Tool for Discord Application ☆12 · Apr 13, 2023 · Updated 3 years ago
- CLI tools for forensic investigation of Windows artifacts ☆352 · Jul 21, 2025 · Updated 9 months ago
- Filter bypass for php shell upload using exiftool and injecting code into an existing image ☆13 · Jan 28, 2021 · Updated 5 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- API and CLI tool to fetch and query Chrome DevTools heap snapshots (Python & Playwright) ☆16 · May 16, 2024 · Updated last year
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated last year
- shell script to create an image and perform initial examination on a drive ☆15 · Feb 28, 2020 · Updated 6 years ago
- ASP.NET Core Middleware for introspecting the current dotnet process using Microsoft.Diagnostics.Runtime ☆13 · Sep 13, 2019 · Updated 6 years ago
- Vault of Windows Registry forensic artifacts ☆30 · Nov 12, 2025 · Updated 5 months ago
- Security Logon Event Analysis Tools - a collection of scripts for collecting, parsing, and analyzing logon events from Windows Security L… ☆16 · Jun 22, 2016 · Updated 9 years ago
- ☆14 · Aug 17, 2025 · Updated 8 months ago
- A tool designed to extract data from a logical ReFS 3.4 forensic image produced by FTK Imager ☆17 · Nov 22, 2023 · Updated 2 years ago
- ☆16 · Sep 12, 2021 · Updated 4 years ago
- Hackable Windows SandBox environment ☆32 · Apr 20, 2023 · Updated 3 years ago
- A click-friendly infograph that helps you to understand Microsoft Intune [Windows Platform] better and directs you to the related Microso… ☆40 · Apr 17, 2023 · Updated 3 years ago
- A comprehensive all-in-one Python-based Proof of Concept script to discover and exploit a critical authentication bypass vulnerability (C… ☆12 · May 26, 2025 · Updated 11 months ago
- Repository for slide decks of public talks I've given. ☆14 · Apr 17, 2026 · Updated 3 weeks ago
- Powerful infrastructure development tool based on Ansible ☆21 · Updated this week
- open a reverse-shell in a GitHub Actions job ☆31 · Nov 15, 2020 · Updated 5 years ago
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. ☆22 · Jan 5, 2025 · Updated last year
- ☆10 · May 30, 2023 · Updated 2 years ago
- Easily debug processes running in docker containers ☆29 · Jun 22, 2024 · Updated last year
- Prevalence engine for .net. ☆18 · May 21, 2010 · Updated 15 years ago
- Regexplore is a Volatility plugin designed to mimic the functionality of the Registry Explorer plugins in EZsuite ☆18 · Mar 31, 2023 · Updated 3 years ago