62 skills found · Page 1 of 3
toniblyx / My Arsenal Of Aws Security Tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
cisagov / CHIRP: A DFIR tool written in Python.
wagga40 / Zircolite: A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs.
securityjoes / MasterParser: A powerful DFIR tool designed for analyzing and parsing Linux logs.
Netflix-Skunkworks / Diffy: (DEPRECATED) A triage tool used during cloud-centric security incidents to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
cyberblu3s / CyberBlue: Containerized blue-team platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and network analysis.
cyb3rmik3 / MDE DFIR Resources: A curated list of resources for DFIR through Microsoft Defender for Endpoint, leveraging Kusto queries, PowerShell scripts, and tools such as KAPE and THOR Cloud.
WithSecureLabs / Kanvas: A simple-to-use incident response (IR) case management tool for tracking and documenting investigations.
acquiredsecurity / Forensic Timeliner: A high-speed forensic timeline engine for Windows forensic artifact CSV output, built for DFIR investigators. Consolidates CSV output from processed triage evidence (Eric Zimmerman's EZ Tools, KAPE, Axiom, Hayabusa, Chainsaw and NirSoft) into a unified timeline.
Lazza / Fuji: macOS forensic acquisition made simple.
marcurdy / Dfir Toolset: Dump of organized knowledge on DFIR.
depalmar / AI For The Win: Build AI-powered security tools. 50+ hands-on labs covering ML, LLMs, RAG, threat detection, DFIR, and red teaming. Includes Colab notebooks, a Docker environment, and CTF challenges.
KasperskyLab / ForensicsTools: Tools for DFIR.
dbissell6 / DFIR: A repository dedicated to the DFIR journey; contains notes, reflections and links to tools.
Nervi0z / Btl1 Field Notes: Field reference for BTL1 and Tier 1 SOC work: grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands.
archanchoudhury / DFIR Tools: A one-stop place for almost all the tools you need in DFIR.
Digital-Forensics-Discord-Server / ArtifactParsers: A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts.
Concinnity-Risks / RansomCoinPublic: A DFIR tool to extract cryptocoin addresses and other indicators of compromise from binaries.
Recruit-CSIRT / MacOSTriageTool: A DFIR tool to collect artifacts on macOS.
woanware / Autorunner: Emulates the Sysinternals Autoruns tool, but for DFIR purposes, e.g. multi-user processing.