dfir topic

List dfir repositories

ATTACKdatamap

344
Stars
64
Forks
Watchers

A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework

Blue-Team-Notes

1.5k
Stars
207
Forks
24
Watchers

You didn't think I'd go and leave the blue team out, right?

DetectionLab

4.5k
Stars
972
Forks
Watchers

Automate the creation of a lab environment complete with security tooling and logging best practices

Loki

3.3k
Stars
574
Forks
Watchers

Loki - Simple IOC and YARA Scanner

signature-base

2.4k
Stars
593
Forks
Watchers

YARA signature and IOC database for my scanners and tools

swap_digger

498
Stars
91
Forks
Watchers

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web form...

MemLabs

1.6k
Stars
197
Forks
Watchers

Educational, CTF-styled labs for individuals interested in Memory Forensics

my-arsenal-of-aws-security-tools

8.8k
Stars
1.5k
Forks
Watchers

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

userline

243
Stars
36
Forks
Watchers

Query and report user logon relations from MS Windows Security Events