GitHub topics: digital-forensics-incident-response
digitalisx/awesome-memory-forensics
A curated list of awesome Memory Forensics for DFIR
Size: 95.7 KB - Last synced at: 3 days ago - Pushed at: 2 months ago - Stars: 429 - Forks: 54

dfir-iris/iris-web
Collaborative Incident Response platform
Language: Python - Size: 31.9 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,180 - Forks: 219

Masriyan/MacFIRE
MacFIRE – (Mac Forensic Investigation & Response Engine)
Language: Python - Size: 475 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 5 - Forks: 0

vm32/Linux-Incident-Response
Practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
Language: Shell - Size: 24.4 KB - Last synced at: 22 days ago - Pushed at: over 1 year ago - Stars: 397 - Forks: 57

vm32/Digital-Forensics-Script-for-Linux
Advanced Bash script designed for conducting digital forensics on Linux systems
Language: Shell - Size: 2.51 MB - Last synced at: 19 days ago - Pushed at: about 1 year ago - Stars: 141 - Forks: 26

paulveillard/cybersecurity-digital-forensics
A collection of digital forensics tools for verification, investigations, diagnostics, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity
Size: 729 KB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 27 - Forks: 8

AngelSayani/Advanced-Registry-Forensic-Lab
This advanced-level lab focuses on Windows Registry forensics, providing a safe environment to learn and practice identifying and investigating common registry-based persistence mechanisms, used by APTs (Advanced Persistent Threats). It focuses on Windows registry analysis for detecting and mitigating security incidents.
Language: PowerShell - Size: 260 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

sergio11/retrospect
Retrospect 🔍 is a cybersecurity tool that analyzes historical web snapshots 🕒 from the Wayback Machine, uncovering vulnerabilities 🛡️, sensitive data leaks 🔓, and security misconfigurations 🛠️. It empowers security pros to predict and mitigate threats ⚠️ before they become exploitable.
Language: Python - Size: 901 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

jupyterj0nes/masstin
Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis
Language: Rust - Size: 2.42 MB - Last synced at: 21 days ago - Pushed at: 2 months ago - Stars: 3 - Forks: 0

CH-CLARK/WalletSleuth
Cryptocurrency Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications!
Language: Python - Size: 316 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 16 - Forks: 2

Snausage0x45/KapeStrike
Automate forensic triage package collection and evidence parsing with KAPE and CrowdStrike
Language: PowerShell - Size: 22.5 KB - Last synced at: 1 day ago - Pushed at: about 3 years ago - Stars: 11 - Forks: 1

cyb3rmik3/MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Size: 114 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 363 - Forks: 40

H3llKa1ser/SOC-Assistant-Guide
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
Size: 182 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 9 - Forks: 2

cclgroupltd/ccl_mozilla_reader
Python package for reading data from Mozilla Firefox data sources.
Language: Python - Size: 105 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

Ng00m4lDhuhr/LogThoth
Interactive Dynamic Windows Event Logs Timeline Tool
Language: Python - Size: 25.2 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 1 - Forks: 0

AvinashSingh786/SecureRS
Secure Readiness Storage
Language: JavaScript - Size: 18.2 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 3 - Forks: 3

cuhsat/fact
Forensic Artifacts Collecting Toolset
Language: Go - Size: 179 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 1 - Forks: 0

MaryamTaeb/DeepFake_Authenticator
This DeepFake Detection DApp enables users to upload evidence pertaining to specific incidents and conducts a variety of checks, including metadata comparison, deepfake detection, and fake news identification.
Language: JavaScript - Size: 62.4 MB - Last synced at: 12 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

digitalisx/januss
Janus: malware analysis by memory comparison
Language: Python - Size: 43 KB - Last synced at: 12 months ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

digitalisx/gtracer
GTracer : Google Sync and Backup Log Analyzer
Language: TypeScript - Size: 3.44 MB - Last synced at: 12 months ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0

DFIRScience/dfir.science
The DFIR.Science research blog about digital forensic investigation.
Language: HTML - Size: 78.6 MB - Last synced at: 3 days ago - Pushed at: 8 months ago - Stars: 13 - Forks: 1

brxcybr/powershell
A collection of Cyber Security related scripts, programs, and tools created for Microsoft Windows PowerShell.
Language: PowerShell - Size: 24.4 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 1

dfir-dd/dfir-toolkit
CLI tools for forensic investigation of Windows artifacts
Language: Rust - Size: 1.1 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 235 - Forks: 20

0x1o1/BSF24-CTF
Write-up for Eng. Faisal Al-Humaid's challenges in the blue (defensive) team field
Size: 135 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

githubfoam/zeek-sandbox
zeek network security monitoring NIDS HIDS
Language: Ruby - Size: 68.4 KB - Last synced at: 28 days ago - Pushed at: over 4 years ago - Stars: 2 - Forks: 0

EvolvingSysadmin/Blue-Team-Toolkit
Tools and Techniques for Digital Forensics and Incident Response
Size: 454 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 5 - Forks: 3

Panagiotis-INS/Cyber-Defenders
This repo is all about Blue teaming and CyberDefenders write-ups for their DFIR challenges
Language: JavaScript - Size: 469 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 8

cyph3rryx/Hexadecimal-Data-Monitor-for-Serial-Ports
This script allows you to connect to a serial port and display incoming data in real-time. It also includes options to format, filter, and log the data.
Language: Python - Size: 37.1 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

githubfoam/osquery-sandbox
osquery CTI, DFIR
Language: Jinja - Size: 103 KB - Last synced at: 15 days ago - Pushed at: almost 4 years ago - Stars: 4 - Forks: 2

wongkenny240/ComputerForensics
My digital forensics notebook
Size: 18.9 MB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 8 - Forks: 0

yassirlaaouissi/RELY
RELY (name composed from the project members Romy, Esther, Lucille and Yassir) is a Python tool developed to help with a Digital Forensics Triage procedure on some Microsoft Windows devices.
Language: Python - Size: 76.7 MB - Last synced at: over 1 year ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 1

zam89/EZ-Tools-GUI
Making KAPE forensic artifact processing easier
Size: 62.6 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

QXJ6YW4/SimpleImager
Simple Imager has been created for performing live acquisition of Windows-based systems in a forensically sound manner
Language: Batchfile - Size: 2.57 MB - Last synced at: almost 2 years ago - Pushed at: almost 3 years ago - Stars: 23 - Forks: 4

comaeio/playbooks
A collection of detection playbooks for Comae platform.
Size: 19.5 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

githubfoam/ELK-sandbox
ELK network visibility CTI DFIR
Language: Makefile - Size: 253 KB - Last synced at: 28 days ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

theronielanddaronpodcastshow/ActiveSyncParser
A quick java application designed to parse Microsoft ActiveSync logs for digital forensics professionals
Language: Java - Size: 9.77 KB - Last synced at: almost 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0

githubfoam/graylog-sandbox
graylog testing
Language: Jinja - Size: 108 KB - Last synced at: 28 days ago - Pushed at: almost 4 years ago - Stars: 0 - Forks: 0

githubfoam/multi-arch-os-osquery-travisci
multi arch os osquery travisci pipeline python virtualenv
Language: Shell - Size: 35.2 KB - Last synced at: 28 days ago - Pushed at: almost 4 years ago - Stars: 0 - Forks: 0

githubfoam/suricata-sandbox
network security monitoring NIDS HIDS CTI DFIR
Size: 51.8 KB - Last synced at: 28 days ago - Pushed at: over 5 years ago - Stars: 1 - Forks: 0
