
dfir-dd

DFIR-DD Team Site

Who are we?

A team of incident responders and forensic analysts, currently working at BDO Cyber Security in Dresden.

Need to contact us? Send a mail to info@dfir-dd.de.

Our tools

| Tool | What does it do? |
| --- | --- |
| DFIR Toolkit | Collection of CLI tools for Windows forensic analysis |
| dionysos | Scanner for various IoCs, esp. yara-based |
| Dissect Triage | A binary to collect triage data from Windows systems, based on dissect |
| Kirby | Parse several forensic artifacts from a Windows (triage) image, based on dissect |

Popular repositories

  1. dfir-toolkit Public

    CLI tools for forensic investigation of Windows artifacts

    Rust 339 28

  2. incident-response-playbooks Public

    Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents

    42 3

  3. dionysos Public

    Scanner for certain IoCs

    Rust 11 2

  4. nt-hive2 Public

    Windows registry parser library built upon BinRead

    Rust 7 2

  5. velociraptor-artifacts Public

    Custom Artifacts for Rapid7 Velociraptor Software

    2

  6. kirby Public

    A script to parse several forensic artifacts of given Windows (triage) images, using dissect

    Python 1

Repositories

Showing 10 of 12 repositories
