live-response topics

uac

660

Stars

104

Forks

Watchers

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...

tclahr

aix

android

computer-forensics

dfir

mediator

96

Stars

15

Forks

Watchers

An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

lawndoc

end-to-end-encryption

handlers

incident-response

incident-response-tooling

MemProcFS-Analyzer

411

Stars

47

Forks

Watchers

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

evild3ad

dfir

digital-forensics

incident-response

live-response

Collect-MemoryDump

211

Stars

26

Forks

Watchers

Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR

evild3ad

dfir

digital-forensics

incident-response

live-response

unix_collector

27

Stars

5

Forks

Watchers

unix_collector is a live response collection script for Incident Response on UNIX-like systems using native binaries.

op7ic

blueteam

computer-forensics

dfir

dfir-automation

MDE-DFIR-Resources

328

Stars

37

Forks

Watchers

A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

cyb3rmik3

curated-collections

curated-list

dfir

digital-forensics