Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
Updated Jun 12, 2024 - Python
Your Everyday Threat Intelligence
unix_collector is a live response collection script for Incident Response on UNIX-like systems using native binaries.
Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows
Forensics artefact collection tool for systems running Microsoft Windows
A curated list of tools for incident response. With repository stars⭐ and forks🍴
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration day to day tasks 😉
Automation and Scaling of Digital Forensics Tools
Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of system artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
This tool is designed to support the investigation of Unified Audit Logs. The tool processes the logs, enriches IP addresses, offers filtering and provides visualizations.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
A cross-platform forensic parser written in Rust!
YARA signature and IOC database for my scanners and tools
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Convert Kape Files to DFIR-ORC configurations