dfir-automation
Automate the creation of a lab environment complete with security tooling and logging best practices
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
#Awesome#A curated list of tools for incident response. With repository stars⭐ and forks🍴
Graph Visualization for windows event logs
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Fast lookup server for NSRL and other hash database used in digital forensic
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and...
Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing
Simple Imager has been created for performing live acquisition of Windows based systems in a forensically sound manner
A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
Toolset to analyze disks encrypted with McAFee FDE technology
🦾 Digital Forensics on Steroids
Easy automated vagrant provisioning of Windows 10 with flarevm tools installed for Digital Forensics and Malware Analysis Lab.
Sabonis, a Digital Forensics and Incident Response pivoting tool
- Website
- Wikipedia