Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Collection of Event ID resources useful for Digital Forensics and Incident Response
A repository of DFIR-related Mind Maps geared towards the visual learners!
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
#Awesome#A curated list of tools for incident response, with repository star⭐ and fork🍴 counts
#Awesome#A curated list of KAPE-related resources
(Sometimes partial) Python re-implementations of the technologies involved in reading various data sources in Chrome-esque applications.
TRACE is a digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhance the output of those tools
Various PowerShell scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of every Windows OS version to compare and see what's been added with...
A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
A tool designed to analyse email headers
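The kind of check an email header analyser performs, as an added example written for this listing (it is not code from the tool above and makes no assumptions about that tool's internals): it walks the Received chain origin-first, reconstructs the hop sequence and per-hop delays, extracts the originating IP, reads the SPF/DKIM verdicts from Authentication-Results, and flags header-From versus Return-Path domain mismatch. The message below is constructed for the example; the hosts and addresses are documentation-range placeholders.

```python
import email
import re
from email import policy
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample message (not a real capture). Received headers are
# prepended by each MTA, so the topmost one is the last hop.
SAMPLE_HEADERS = """\
Received: from mail-gw.example.com (mail-gw.example.com [203.0.113.10])
\tby mx.victim.example (Postfix) with ESMTPS id ABC123
\tfor <user@victim.example>; Mon, 01 Jan 2024 10:00:05 +0000
Received: from unknown (HELO sender.example.org) (198.51.100.20)
\tby mail-gw.example.com with SMTP; Mon, 01 Jan 2024 09:59:50 +0000
Authentication-Results: mx.victim.example; spf=fail smtp.mailfrom=example.org; dkim=none
From: "IT Support" <helpdesk@victim.example>
Return-Path: <bounce@example.org>
Subject: Password reset required
Message-ID: <abc@sender.example.org>

body
"""

HOP_RE = re.compile(
    r"from\s+(?P<from>\S+)"            # name the sending host claimed (HELO) or was resolved to
    r"(?:\s+\((?P<from_info>[^)]*)\))?"  # optional rDNS / IP annotation
    r".*?\bby\s+(?P<by>\S+)",           # the MTA that wrote this header
    re.IGNORECASE | re.DOTALL,
)
IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.IGNORECASE)


def parse_received(value: str) -> dict:
    """Split one Received header into from/by/ip/time fields; missing parts stay None."""
    value = re.sub(r"\s+", " ", value).strip()
    hop = {"from": None, "by": None, "ip": None, "time": None, "raw": value}
    m = HOP_RE.search(value)
    if m:
        hop["from"] = m.group("from")
        hop["by"] = m.group("by")
        ip = IP_RE.search(value[: m.start("by")])  # first IP before 'by' is the peer address
        hop["ip"] = ip.group(1) if ip else None
    if ";" in value:  # RFC 5321 puts the timestamp after the last ';'
        try:
            hop["time"] = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
        except (TypeError, ValueError):
            pass
    return hop


def analyze(raw: str) -> dict:
    """Reconstruct the hop chain and collect findings a triage analyst would look at first."""
    msg = email.message_from_string(raw, policy=policy.default)
    hops = [parse_received(str(v)) for v in reversed(msg.get_all("Received", []))]
    findings = []

    for prev, cur in zip(hops, hops[1:]):
        # Delay between consecutive hops; a negative delta means skew or a forged header.
        if prev["time"] and cur["time"]:
            cur["delay_s"] = (cur["time"] - prev["time"]).total_seconds()
            if cur["delay_s"] < 0:
                findings.append(f"negative delay: {cur['by']} earlier than {prev['by']}")
        # Continuity: the host that received hop N should be the host sending hop N+1.
        if prev["by"] and cur["from"] and prev["by"].lower() != cur["from"].lower():
            findings.append(f"chain break: {prev['by']} -> claimed {cur['from']}")

    auth = {k.lower(): v.lower() for k, v in AUTH_RE.findall(str(msg.get("Authentication-Results", "")))}
    if auth.get("spf") not in (None, "pass"):
        findings.append(f"SPF result is {auth['spf']}")
    if auth.get("dkim") not in (None, "pass"):
        findings.append(f"DKIM result is {auth['dkim']}")

    # Envelope (Return-Path) vs header From alignment; mismatch is a common phishing tell.
    from_domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    rp_domain = parseaddr(str(msg.get("Return-Path", "")))[1].rpartition("@")[2].lower()
    if from_domain and rp_domain and from_domain != rp_domain:
        findings.append(f"From/Return-Path domain mismatch: {from_domain} vs {rp_domain}")

    return {
        "origin_ip": hops[0]["ip"] if hops else None,
        "hops": hops,
        "auth": auth,
        "findings": findings,
    }


if __name__ == "__main__":
    result = analyze(SAMPLE_HEADERS)
    print("origin IP:", result["origin_ip"])
    for i, h in enumerate(result["hops"]):
        print(f"hop {i}: {h['from']} ({h['ip']}) -> {h['by']} delay={h.get('delay_s')}")
    for f in result["findings"]:
        print("finding:", f)
```

Only the bottom-most Received header is written by a host you control; everything above it is attacker-controllable text, so treat hop names and IPs from earlier headers as claims to be corroborated (rDNS, your gateway's own logs), not facts.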
A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. Please add a new issue if you have an idea for something to add....
#Blockchain#Cryptocurrency Triage Tool - Identify multiple cryptocurrency addresses and transactions from various wallet applications!
A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
A collection of 150+ books to start your career in penetration testing or cybersecurity